oval:org.mitre.oval:def:13146

Definition Id: oval:org.mitre.oval:def:13146

Oval ID:	oval:org.mitre.oval:def:13146
Title:	DSA-1735-1 znc -- missing input sanitisation
Description:	It was discovered that znc, an IRC proxy/bouncer, does not properly sanitise input contained in configuration change requests to the webadmin interface. This allows authenticated users to elevate their privileges and indirectly execute arbitrary commands. For the old stable distribution, this problem has been fixed in version 0.045-3+etch2. For the stable distribution, this problem has been fixed in version 0.058-2+lenny1. For the unstable distribution, this problem has been fixed in version 0.066-1. We recommend that you upgrade your znc packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1735-1 CVE-2009-0759	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	znc
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is i386 AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is mipsel AND Installed architecture is hppa AND znc DPKG is earlier than 0.045-3+etch2

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:13146