MidnightBSD

Advisories for quassel-irc

CVE-2010-3443 MEDIUM

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
quassel-irc quassel_irc 0.3.0.2
quassel-irc quassel_irc 0.4.1
canonical ubuntu_linux 9.04
quassel-irc quassel_irc 0.5.0
quassel-irc quassel_irc 0.4.2
canonical ubuntu_linux 10.04
quassel-irc quassel_irc 0.4.0
quassel-irc quassel_irc 0.4.3
quassel-irc quassel_irc 0.6.1
quassel-irc quassel_irc 0.3.1
quassel-irc quassel_irc 0.7.0
quassel-irc quassel_irc *
canonical ubuntu_linux 9.10
quassel-irc quassel_irc 0.3.0.1
quassel-irc quassel_irc 0.1.0
quassel-irc quassel_irc 0.3.0
quassel-irc quassel_irc 0.3.0.3
CVE-2011-3354 MEDIUM

The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
quassel-irc quassel *
quassel-irc quassel 0.5.0
quassel-irc quassel 0.4.2
quassel-irc quassel 0.7.1
quassel-irc quassel 0.7.0
quassel-irc quassel 0.6.1
quassel-irc quassel 0.3.0
quassel-irc quassel 0.3.1
quassel-irc quassel 0.4.0
quassel-irc quassel 0.6.0
quassel-irc quassel 0.4.1
quassel-irc quassel 0.5.1
quassel-irc quassel 0.4.3
quassel-irc quassel 0.5.2
CVE-2013-4422 MEDIUM

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
quassel-irc quassel_irc 0.3.0.2
quassel-irc quassel_irc 0.8.0
quassel-irc quassel_irc 0.4.1
quassel-irc quassel_irc 0.5.0
quassel-irc quassel_irc 0.4.2
quassel-irc quassel_irc 0.7.3
quassel-irc quassel_irc 0.7.4
quassel-irc quassel_irc 0.4.0
quassel-irc quassel_irc 0.4.3
quassel-irc quassel_irc 0.6.1
quassel-irc quassel_irc 0.3.1
quassel-irc quassel_irc 0.7.0
quassel-irc quassel_irc *
quassel-irc quassel_irc 0.6.2
quassel-irc quassel_irc 0.3.0.1
quassel-irc quassel_irc 0.6.3
quassel-irc quassel_irc 0.7.1
quassel-irc quassel_irc 0.1.0
quassel-irc quassel_irc 0.3.0
quassel-irc quassel_irc 0.7.2
quassel-irc quassel_irc 0.3.0.3
CVE-2013-6404 MEDIUM

Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
quassel-irc quassel_irc 0.9.0
quassel-irc quassel_irc *
CVE-2014-8483 MEDIUM

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
opensuse opensuse 12.3
debian debian_linux 7.0
opensuse opensuse 13.2
opensuse opensuse 13.1
quassel-irc quassel_irc 0.10.0
CVE-2015-2778 MEDIUM

Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
quassel-irc quassel *
CVE-2015-2779 MEDIUM

Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
quassel-irc quassel *
CVE-2015-3427 HIGH

Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
quassel-irc quassel *
debian debian_linux 8.0
CVE-2015-8547 MEDIUM

The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
quassel-irc quassel *
opensuse leap 42.1
opensuse opensuse 13.2
opensuse opensuse 13.1
CVE-2016-4414 MEDIUM

The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
quassel-irc quassel *
fedoraproject fedora 24
opensuse leap 42.1
opensuse opensuse 13.2
fedoraproject fedora 23
fedoraproject fedora 22
CVE-2018-1000178 HIGH

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
debian debian_linux 9.0
quassel-irc quassel 0.12.4
CVE-2018-1000179 MEDIUM

A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
quassel-irc quassel 0.12.4
CVE-2021-34825 MEDIUM

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
quassel-irc quassel *
fedoraproject fedora 34
fedoraproject fedora 33