Howeyc

**Name of the Vulnerable Software and Affected Versions** ZNC versions 0.200 through 0.202 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a crafted DCC RESUME request. This is due to a problem in the CBounceDCCMod::OnPrivCTCP function in the bouncedcc module. **Recommendations** For ZNC versions 0.200 through 0.202, consider disabling the CBounceDCCMod::OnPrivCTCP function as a temporary workaround until a patch is available. Restrict access to the bouncedcc module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.