CVE-2019-12816

Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.

References

Affected packages

Git / github.com/znc/znc

Affected ranges

Type: GIT
Repo: https://github.com/znc/znc
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8de9e376ce531fe7f3c8b0aa4876d15b479b7311

Affected versions

znc-0.*

znc-0.023

znc-0.025

znc-0.027

znc-0.028

znc-0.029

znc-0.030

znc-0.033

znc-0.034

znc-0.035

znc-0.036

znc-0.037

znc-0.038

znc-0.039

znc-0.040

znc-0.041

znc-0.043

znc-0.044

znc-0.045

znc-0.047

znc-0.050

znc-0.052

znc-0.054

znc-0.054-rc1

znc-0.054-rc2

znc-0.054-rc3

znc-0.056

znc-0.058

znc-0.060

znc-0.062

znc-0.064

znc-0.066

znc-0.068

znc-0.070

znc-0.072

znc-0.094

znc-0.096

znc-0.098

znc-0.200

znc-1.*

znc-1.0

znc-1.2

znc-1.6.0

znc-1.6.1

znc-1.6.1-rc1

znc-1.6.2

znc-1.6.2-rc1

znc-1.6.3

znc-1.6.3-rc1

znc-1.6.3-rc2

znc-1.6.4

znc-1.6.4-rc1

znc-1.6.4-rc2

znc-1.6.4-rc3

znc-1.6.5

znc-1.6.5-rc1

znc-1.7.0

znc-1.7.1

znc-1.7.1-rc1

znc-1.7.2

znc-1.7.2-rc1

znc-1.7.3

znc-1.7.3-rc1

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
        "digest": {
            "line_hashes": [
                "174486753964754430516916736730871383050",
                "29275778477837198611450992203257197893",
                "307319530049013881402330522505066602242",
                "82494158934045587906733452887499443976",
                "160053286842728736588820086884220847764",
                "287617424539222821611460032335993242581",
                "209833765287222228824183705683832732667",
                "95297945510039220468508204114214847500",
                "236450068995647934809680474209327232539",
                "95912614378945415831535891127074118283",
                "219679646820246493502379246107279975593",
                "300337625527040063029589176392118851540",
                "204297166171023547714016822031300809515",
                "73956343658827535355290124036992016914",
                "18051496777745318297934926575655174890",
                "239034098034606290967669952118796928569",
                "295334044853165642485678087140871457774",
                "45729926670722493656673669137202336290",
                "571798546533859822310861521896058965",
                "211380172655941171035773268297891516276",
                "331984331098265596437389312867452663890",
                "259182456096102161138887388896962333935",
                "278816252438430496865286650787102721943",
                "225602893450083304814145166244640416013",
                "154036182678273576774730331226380439075",
                "252388954425318239832020560689011993945",
                "274893726036052713575377647643003236381"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2019-12816-1290c1b3",
        "target": {
            "file": "src/Modules.cpp"
        },
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
        "digest": {
            "length": 1917.0,
            "function_hash": "95122950786339445404760154917654623114"
        },
        "signature_type": "Function",
        "id": "CVE-2019-12816-3fbc7f94",
        "target": {
            "function": "CModules::LoadModule",
            "file": "src/Modules.cpp"
        },
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
        "digest": {
            "length": 288.0,
            "function_hash": "323292578912875305148883135426334201462"
        },
        "signature_type": "Function",
        "id": "CVE-2019-12816-48abef31",
        "target": {
            "function": "CModules::GetModPathInfo",
            "file": "src/Modules.cpp"
        },
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
        "digest": {
            "line_hashes": [
                "195477839036768438441414840661911920399",
                "210936151725103424132817371752203593323",
                "101777677667273448383554422736045543017",
                "302797354415093651132654681454522280047"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2019-12816-54fbb26a",
        "target": {
            "file": "include/znc/Modules.h"
        },
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
        "digest": {
            "length": 397.0,
            "function_hash": "76020489109695436136136009632747957875"
        },
        "signature_type": "Function",
        "id": "CVE-2019-12816-b44be469",
        "target": {
            "function": "CModules::GetModInfo",
            "file": "src/Modules.cpp"
        },
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
        "digest": {
            "length": 1924.0,
            "function_hash": "29121335711093038551819019924020777549"
        },
        "signature_type": "Function",
        "id": "CVE-2019-12816-d5a0c88d",
        "target": {
            "function": "CModules::OpenModule",
            "file": "src/Modules.cpp"
        },
        "signature_version": "v1"
    }
]