Search

Find a vulnerability

Search criteria

    18 vulnerabilities found for quassel by quassel-irc

    CVE-2021-34825 (GCVE-0-2021-34825)

    Vulnerability from nvd – Published: 2021-06-17 13:25 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://github.com/quassel/quassel/pull/581 x_refsource_MISC
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:53.990Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/pull/581"
              },
              {
                "name": "FEDORA-2021-2e2ba6d39f",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFTSGJUJHCA3KGQBO6OZXWU7JFKVHMJ/"
              },
              {
                "name": "FEDORA-2021-75cec6e6da",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZFWRN5P2WG23MWMVAEVV3YBHGFJHDSW/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-30T04:06:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/quassel/quassel/pull/581"
            },
            {
              "name": "FEDORA-2021-2e2ba6d39f",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFTSGJUJHCA3KGQBO6OZXWU7JFKVHMJ/"
            },
            {
              "name": "FEDORA-2021-75cec6e6da",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZFWRN5P2WG23MWMVAEVV3YBHGFJHDSW/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-34825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/quassel/quassel/pull/581",
                  "refsource": "MISC",
                  "url": "https://github.com/quassel/quassel/pull/581"
                },
                {
                  "name": "FEDORA-2021-2e2ba6d39f",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JOFTSGJUJHCA3KGQBO6OZXWU7JFKVHMJ/"
                },
                {
                  "name": "FEDORA-2021-75cec6e6da",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZFWRN5P2WG23MWMVAEVV3YBHGFJHDSW/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-34825",
        "datePublished": "2021-06-17T13:25:39.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:53.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1000179 (GCVE-0-2018-1000179)

    Vulnerability from nvd – Published: 2018-05-08 15:00 – Updated: 2024-08-05 12:33
    VLAI
    Summary
    A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.debian.org/security/2018/dsa-4189 vendor-advisoryx_refsource_DEBIAN
    https://security.gentoo.org/glsa/201806-04 vendor-advisoryx_refsource_GENTOO
    https://github.com/quassel/quassel/blob/master/sr… x_refsource_CONFIRM
    https://usn.ubuntu.com/4594-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2018-04-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T12:33:49.457Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4189",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4189"
              },
              {
                "name": "GLSA-201806-04",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201806-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236"
              },
              {
                "name": "USN-4594-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4594-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "dateAssigned": "2018-04-30T00:00:00.000Z",
          "datePublic": "2018-04-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login \u0026msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-26T21:06:31.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-4189",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4189"
            },
            {
              "name": "GLSA-201806-04",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201806-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236"
            },
            {
              "name": "USN-4594-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4594-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_ASSIGNED": "2018-04-30T20:15:49.358309",
              "DATE_REQUESTED": "2018-04-23T00:00:00",
              "ID": "CVE-2018-1000179",
              "REQUESTER": "nongiach@gmail.com",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login \u0026msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4189",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4189"
                },
                {
                  "name": "GLSA-201806-04",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201806-04"
                },
                {
                  "name": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236"
                },
                {
                  "name": "USN-4594-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4594-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-1000179",
        "datePublished": "2018-05-08T15:00:00.000Z",
        "dateReserved": "2018-04-23T00:00:00.000Z",
        "dateUpdated": "2024-08-05T12:33:49.457Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1000178 (GCVE-0-2018-1000178)

    Vulnerability from nvd – Published: 2018-05-08 15:00 – Updated: 2024-08-05 12:33
    VLAI
    Summary
    A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.debian.org/security/2018/dsa-4189 vendor-advisoryx_refsource_DEBIAN
    https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
    https://github.com/quassel/quassel/blob/master/sr… x_refsource_CONFIRM
    https://security.gentoo.org/glsa/201806-04 vendor-advisoryx_refsource_GENTOO
    https://i.imgur.com/JJ4QcNq.png x_refsource_MISC
    https://usn.ubuntu.com/4594-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2018-04-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T12:33:49.367Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4189",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4189"
              },
              {
                "name": "[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62"
              },
              {
                "name": "GLSA-201806-04",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201806-04"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://i.imgur.com/JJ4QcNq.png"
              },
              {
                "name": "USN-4594-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4594-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "dateAssigned": "2018-04-30T00:00:00.000Z",
          "datePublic": "2018-04-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray \u0026msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-26T21:06:31.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-4189",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4189"
            },
            {
              "name": "[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62"
            },
            {
              "name": "GLSA-201806-04",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201806-04"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://i.imgur.com/JJ4QcNq.png"
            },
            {
              "name": "USN-4594-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4594-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_ASSIGNED": "2018-04-30T20:15:49.357909",
              "DATE_REQUESTED": "2018-04-23T00:00:00",
              "ID": "CVE-2018-1000178",
              "REQUESTER": "nongiach@gmail.com",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray \u0026msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4189",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4189"
                },
                {
                  "name": "[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00001.html"
                },
                {
                  "name": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62"
                },
                {
                  "name": "GLSA-201806-04",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201806-04"
                },
                {
                  "name": "https://i.imgur.com/JJ4QcNq.png",
                  "refsource": "MISC",
                  "url": "https://i.imgur.com/JJ4QcNq.png"
                },
                {
                  "name": "USN-4594-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4594-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-1000178",
        "datePublished": "2018-05-08T15:00:00.000Z",
        "dateReserved": "2018-04-23T00:00:00.000Z",
        "dateUpdated": "2024-08-05T12:33:49.367Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-4414 (GCVE-0-2016-4414)

    Vulnerability from nvd – Published: 2016-06-13 19:00 – Updated: 2024-08-06 00:25
    VLAI
    Summary
    The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-04-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:25:14.590Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/04/30/4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/e678873"
              },
              {
                "name": "openSUSE-SU-2016:1314",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://quassel-irc.org/node/129"
              },
              {
                "name": "FEDORA-2016-bf916bcc04",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html"
              },
              {
                "name": "[oss-security] 20160430 CVE request - Quassel IRC denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/04/30/2"
              },
              {
                "name": "FEDORA-2016-42f30d76a0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html"
              },
              {
                "name": "FEDORA-2016-0431acaa78",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-04-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-06-13T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/04/30/4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/e678873"
            },
            {
              "name": "openSUSE-SU-2016:1314",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://quassel-irc.org/node/129"
            },
            {
              "name": "FEDORA-2016-bf916bcc04",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html"
            },
            {
              "name": "[oss-security] 20160430 CVE request - Quassel IRC denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/04/30/2"
            },
            {
              "name": "FEDORA-2016-42f30d76a0",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html"
            },
            {
              "name": "FEDORA-2016-0431acaa78",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2016-4414",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/04/30/4"
                },
                {
                  "name": "https://github.com/quassel/quassel/commit/e678873",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/e678873"
                },
                {
                  "name": "openSUSE-SU-2016:1314",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html"
                },
                {
                  "name": "http://quassel-irc.org/node/129",
                  "refsource": "CONFIRM",
                  "url": "http://quassel-irc.org/node/129"
                },
                {
                  "name": "FEDORA-2016-bf916bcc04",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html"
                },
                {
                  "name": "[oss-security] 20160430 CVE request - Quassel IRC denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/04/30/2"
                },
                {
                  "name": "FEDORA-2016-42f30d76a0",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html"
                },
                {
                  "name": "FEDORA-2016-0431acaa78",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-4414",
        "datePublished": "2016-06-13T19:00:00.000Z",
        "dateReserved": "2016-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-06T00:25:14.590Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-8547 (GCVE-0-2015-8547)

    Vulnerability from nvd – Published: 2016-01-08 19:00 – Updated: 2024-08-06 08:20
    VLAI
    Summary
    The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:20:43.506Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "openSUSE-SU-2015:2345",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/pull/153"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7"
              },
              {
                "name": "FEDORA-2016-3bc3d7f66e",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html"
              },
              {
                "name": "FEDORA-2016-7f0b1e47ac",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html"
              },
              {
                "name": "[oss-security] 20151212 CVE request: Remote DoS in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/12/1"
              },
              {
                "name": "[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/13/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the \"/op *\" command in a query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-05T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "openSUSE-SU-2015:2345",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/pull/153"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7"
            },
            {
              "name": "FEDORA-2016-3bc3d7f66e",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html"
            },
            {
              "name": "FEDORA-2016-7f0b1e47ac",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html"
            },
            {
              "name": "[oss-security] 20151212 CVE request: Remote DoS in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/12/1"
            },
            {
              "name": "[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/13/1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-8547",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the \"/op *\" command in a query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "openSUSE-SU-2015:2345",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html"
                },
                {
                  "name": "https://github.com/quassel/quassel/pull/153",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/pull/153"
                },
                {
                  "name": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7"
                },
                {
                  "name": "FEDORA-2016-3bc3d7f66e",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html"
                },
                {
                  "name": "FEDORA-2016-7f0b1e47ac",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html"
                },
                {
                  "name": "[oss-security] 20151212 CVE request: Remote DoS in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/12/1"
                },
                {
                  "name": "[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/13/1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-8547",
        "datePublished": "2016-01-08T19:00:00.000Z",
        "dateReserved": "2015-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:20:43.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-3427 (GCVE-0-2015-3427)

    Vulnerability from nvd – Published: 2015-05-14 14:00 – Updated: 2024-08-06 05:47
    VLAI
    Summary
    Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.quassel-irc.org/node/127 x_refsource_CONFIRM
    http://www.debian.org/security/2015/dsa-3258 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/bid/74339 vdb-entryx_refsource_BID
    Date Public
    2015-05-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:47:57.675Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.quassel-irc.org/node/127"
              },
              {
                "name": "DSA-3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3258"
              },
              {
                "name": "74339",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74339"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-05-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \\ (backslash) in a message.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-02T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.quassel-irc.org/node/127"
            },
            {
              "name": "DSA-3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3258"
            },
            {
              "name": "74339",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74339"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-3427",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \\ (backslash) in a message.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.quassel-irc.org/node/127",
                  "refsource": "CONFIRM",
                  "url": "http://www.quassel-irc.org/node/127"
                },
                {
                  "name": "DSA-3258",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3258"
                },
                {
                  "name": "74339",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74339"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-3427",
        "datePublished": "2015-05-14T14:00:00.000Z",
        "dateReserved": "2015-04-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:47:57.675Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2779 (GCVE-0-2015-2779)

    Vulnerability from nvd – Published: 2015-04-10 14:00 – Updated: 2024-08-06 05:24
    VLAI
    Summary
    Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-02-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:24:38.903Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
              },
              {
                "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
              },
              {
                "name": "74048",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74048"
              },
              {
                "name": "openSUSE-SU-2015:0687",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
              },
              {
                "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
              },
              {
                "name": "FEDORA-2015-4689",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163054.html"
              },
              {
                "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
              },
              {
                "name": "FEDORA-2015-4531",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158666.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-02-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-30T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
            },
            {
              "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
            },
            {
              "name": "74048",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74048"
            },
            {
              "name": "openSUSE-SU-2015:0687",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
            },
            {
              "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
            },
            {
              "name": "FEDORA-2015-4689",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163054.html"
            },
            {
              "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
            },
            {
              "name": "FEDORA-2015-4531",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158666.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-2779",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
                },
                {
                  "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
                },
                {
                  "name": "74048",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74048"
                },
                {
                  "name": "openSUSE-SU-2015:0687",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
                },
                {
                  "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
                },
                {
                  "name": "FEDORA-2015-4689",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163054.html"
                },
                {
                  "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
                },
                {
                  "name": "FEDORA-2015-4531",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158666.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-2779",
        "datePublished": "2015-04-10T14:00:00.000Z",
        "dateReserved": "2015-03-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:24:38.903Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2778 (GCVE-0-2015-2778)

    Vulnerability from nvd – Published: 2015-04-10 14:00 – Updated: 2024-08-06 05:24
    VLAI
    Summary
    Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-02-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:24:38.933Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
              },
              {
                "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
              },
              {
                "name": "openSUSE-SU-2015:0687",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
              },
              {
                "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
              },
              {
                "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
              },
              {
                "name": "73305",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/73305"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-02-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-30T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
            },
            {
              "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
            },
            {
              "name": "openSUSE-SU-2015:0687",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
            },
            {
              "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
            },
            {
              "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
            },
            {
              "name": "73305",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/73305"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-2778",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
                },
                {
                  "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
                },
                {
                  "name": "openSUSE-SU-2015:0687",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
                },
                {
                  "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
                },
                {
                  "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
                },
                {
                  "name": "73305",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/73305"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-2778",
        "datePublished": "2015-04-10T14:00:00.000Z",
        "dateReserved": "2015-03-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:24:38.933Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3354 (GCVE-0-2011-3354)

    Vulnerability from nvd – Published: 2011-10-04 10:00 – Updated: 2024-08-06 23:29
    VLAI
    Summary
    The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/75351 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/45970 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/USN-1200-1 vendor-advisoryx_refsource_UBUNTU
    http://bugs.quassel-irc.org/projects/quassel-irc/… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/49526 vdb-entryx_refsource_BID
    https://bugs.gentoo.org/show_bug.cgi?id=382313 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.openwall.com/lists/oss-security/2011/09/09/7 mailing-listx_refsource_MLIST
    http://www.openwall.com/lists/oss-security/2011/09/08/7 mailing-listx_refsource_MLIST
    Date Public
    2011-09-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:29:56.836Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "75351",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/75351"
              },
              {
                "name": "45970",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/45970"
              },
              {
                "name": "USN-1200-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1200-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp"
              },
              {
                "name": "49526",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49526"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.gentoo.org/show_bug.cgi?id=382313"
              },
              {
                "name": "quasselirc-ctcp-dos(69682)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69682"
              },
              {
                "name": "[oss-security] 20110909 Re: CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/09/7"
              },
              {
                "name": "[oss-security] 20110908 CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/08/7"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-09-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "75351",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/75351"
            },
            {
              "name": "45970",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/45970"
            },
            {
              "name": "USN-1200-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1200-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp"
            },
            {
              "name": "49526",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49526"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=382313"
            },
            {
              "name": "quasselirc-ctcp-dos(69682)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69682"
            },
            {
              "name": "[oss-security] 20110909 Re: CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/09/7"
            },
            {
              "name": "[oss-security] 20110908 CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/08/7"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-3354",
        "datePublished": "2011-10-04T10:00:00.000Z",
        "dateReserved": "2011-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:29:56.836Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34825 (GCVE-0-2021-34825)

    Vulnerability from cvelistv5 – Published: 2021-06-17 13:25 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://github.com/quassel/quassel/pull/581 x_refsource_MISC
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:53.990Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/pull/581"
              },
              {
                "name": "FEDORA-2021-2e2ba6d39f",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFTSGJUJHCA3KGQBO6OZXWU7JFKVHMJ/"
              },
              {
                "name": "FEDORA-2021-75cec6e6da",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZFWRN5P2WG23MWMVAEVV3YBHGFJHDSW/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-30T04:06:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/quassel/quassel/pull/581"
            },
            {
              "name": "FEDORA-2021-2e2ba6d39f",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFTSGJUJHCA3KGQBO6OZXWU7JFKVHMJ/"
            },
            {
              "name": "FEDORA-2021-75cec6e6da",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZFWRN5P2WG23MWMVAEVV3YBHGFJHDSW/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-34825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/quassel/quassel/pull/581",
                  "refsource": "MISC",
                  "url": "https://github.com/quassel/quassel/pull/581"
                },
                {
                  "name": "FEDORA-2021-2e2ba6d39f",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JOFTSGJUJHCA3KGQBO6OZXWU7JFKVHMJ/"
                },
                {
                  "name": "FEDORA-2021-75cec6e6da",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZFWRN5P2WG23MWMVAEVV3YBHGFJHDSW/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-34825",
        "datePublished": "2021-06-17T13:25:39.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:53.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1000178 (GCVE-0-2018-1000178)

    Vulnerability from cvelistv5 – Published: 2018-05-08 15:00 – Updated: 2024-08-05 12:33
    VLAI
    Summary
    A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.debian.org/security/2018/dsa-4189 vendor-advisoryx_refsource_DEBIAN
    https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
    https://github.com/quassel/quassel/blob/master/sr… x_refsource_CONFIRM
    https://security.gentoo.org/glsa/201806-04 vendor-advisoryx_refsource_GENTOO
    https://i.imgur.com/JJ4QcNq.png x_refsource_MISC
    https://usn.ubuntu.com/4594-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2018-04-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T12:33:49.367Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4189",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4189"
              },
              {
                "name": "[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62"
              },
              {
                "name": "GLSA-201806-04",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201806-04"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://i.imgur.com/JJ4QcNq.png"
              },
              {
                "name": "USN-4594-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4594-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "dateAssigned": "2018-04-30T00:00:00.000Z",
          "datePublic": "2018-04-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray \u0026msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-26T21:06:31.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-4189",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4189"
            },
            {
              "name": "[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62"
            },
            {
              "name": "GLSA-201806-04",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201806-04"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://i.imgur.com/JJ4QcNq.png"
            },
            {
              "name": "USN-4594-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4594-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_ASSIGNED": "2018-04-30T20:15:49.357909",
              "DATE_REQUESTED": "2018-04-23T00:00:00",
              "ID": "CVE-2018-1000178",
              "REQUESTER": "nongiach@gmail.com",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray \u0026msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4189",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4189"
                },
                {
                  "name": "[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00001.html"
                },
                {
                  "name": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62"
                },
                {
                  "name": "GLSA-201806-04",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201806-04"
                },
                {
                  "name": "https://i.imgur.com/JJ4QcNq.png",
                  "refsource": "MISC",
                  "url": "https://i.imgur.com/JJ4QcNq.png"
                },
                {
                  "name": "USN-4594-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4594-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-1000178",
        "datePublished": "2018-05-08T15:00:00.000Z",
        "dateReserved": "2018-04-23T00:00:00.000Z",
        "dateUpdated": "2024-08-05T12:33:49.367Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1000179 (GCVE-0-2018-1000179)

    Vulnerability from cvelistv5 – Published: 2018-05-08 15:00 – Updated: 2024-08-05 12:33
    VLAI
    Summary
    A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.debian.org/security/2018/dsa-4189 vendor-advisoryx_refsource_DEBIAN
    https://security.gentoo.org/glsa/201806-04 vendor-advisoryx_refsource_GENTOO
    https://github.com/quassel/quassel/blob/master/sr… x_refsource_CONFIRM
    https://usn.ubuntu.com/4594-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2018-04-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T12:33:49.457Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4189",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4189"
              },
              {
                "name": "GLSA-201806-04",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201806-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236"
              },
              {
                "name": "USN-4594-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4594-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "dateAssigned": "2018-04-30T00:00:00.000Z",
          "datePublic": "2018-04-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login \u0026msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-26T21:06:31.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-4189",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4189"
            },
            {
              "name": "GLSA-201806-04",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201806-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236"
            },
            {
              "name": "USN-4594-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4594-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_ASSIGNED": "2018-04-30T20:15:49.358309",
              "DATE_REQUESTED": "2018-04-23T00:00:00",
              "ID": "CVE-2018-1000179",
              "REQUESTER": "nongiach@gmail.com",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login \u0026msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4189",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4189"
                },
                {
                  "name": "GLSA-201806-04",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201806-04"
                },
                {
                  "name": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/blob/master/src/core/coreauthhandler.cpp#L236"
                },
                {
                  "name": "USN-4594-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4594-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-1000179",
        "datePublished": "2018-05-08T15:00:00.000Z",
        "dateReserved": "2018-04-23T00:00:00.000Z",
        "dateUpdated": "2024-08-05T12:33:49.457Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-4414 (GCVE-0-2016-4414)

    Vulnerability from cvelistv5 – Published: 2016-06-13 19:00 – Updated: 2024-08-06 00:25
    VLAI
    Summary
    The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-04-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:25:14.590Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/04/30/4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/e678873"
              },
              {
                "name": "openSUSE-SU-2016:1314",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://quassel-irc.org/node/129"
              },
              {
                "name": "FEDORA-2016-bf916bcc04",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html"
              },
              {
                "name": "[oss-security] 20160430 CVE request - Quassel IRC denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/04/30/2"
              },
              {
                "name": "FEDORA-2016-42f30d76a0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html"
              },
              {
                "name": "FEDORA-2016-0431acaa78",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-04-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-06-13T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/04/30/4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/e678873"
            },
            {
              "name": "openSUSE-SU-2016:1314",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://quassel-irc.org/node/129"
            },
            {
              "name": "FEDORA-2016-bf916bcc04",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html"
            },
            {
              "name": "[oss-security] 20160430 CVE request - Quassel IRC denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/04/30/2"
            },
            {
              "name": "FEDORA-2016-42f30d76a0",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html"
            },
            {
              "name": "FEDORA-2016-0431acaa78",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2016-4414",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/04/30/4"
                },
                {
                  "name": "https://github.com/quassel/quassel/commit/e678873",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/e678873"
                },
                {
                  "name": "openSUSE-SU-2016:1314",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html"
                },
                {
                  "name": "http://quassel-irc.org/node/129",
                  "refsource": "CONFIRM",
                  "url": "http://quassel-irc.org/node/129"
                },
                {
                  "name": "FEDORA-2016-bf916bcc04",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html"
                },
                {
                  "name": "[oss-security] 20160430 CVE request - Quassel IRC denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/04/30/2"
                },
                {
                  "name": "FEDORA-2016-42f30d76a0",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html"
                },
                {
                  "name": "FEDORA-2016-0431acaa78",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-4414",
        "datePublished": "2016-06-13T19:00:00.000Z",
        "dateReserved": "2016-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-06T00:25:14.590Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-8547 (GCVE-0-2015-8547)

    Vulnerability from cvelistv5 – Published: 2016-01-08 19:00 – Updated: 2024-08-06 08:20
    VLAI
    Summary
    The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:20:43.506Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "openSUSE-SU-2015:2345",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/pull/153"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7"
              },
              {
                "name": "FEDORA-2016-3bc3d7f66e",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html"
              },
              {
                "name": "FEDORA-2016-7f0b1e47ac",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html"
              },
              {
                "name": "[oss-security] 20151212 CVE request: Remote DoS in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/12/1"
              },
              {
                "name": "[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/13/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the \"/op *\" command in a query."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-05T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "openSUSE-SU-2015:2345",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/pull/153"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7"
            },
            {
              "name": "FEDORA-2016-3bc3d7f66e",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html"
            },
            {
              "name": "FEDORA-2016-7f0b1e47ac",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html"
            },
            {
              "name": "[oss-security] 20151212 CVE request: Remote DoS in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/12/1"
            },
            {
              "name": "[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/13/1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-8547",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the \"/op *\" command in a query."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "openSUSE-SU-2015:2345",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html"
                },
                {
                  "name": "https://github.com/quassel/quassel/pull/153",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/pull/153"
                },
                {
                  "name": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7"
                },
                {
                  "name": "FEDORA-2016-3bc3d7f66e",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html"
                },
                {
                  "name": "FEDORA-2016-7f0b1e47ac",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html"
                },
                {
                  "name": "[oss-security] 20151212 CVE request: Remote DoS in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/12/1"
                },
                {
                  "name": "[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/13/1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-8547",
        "datePublished": "2016-01-08T19:00:00.000Z",
        "dateReserved": "2015-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:20:43.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-3427 (GCVE-0-2015-3427)

    Vulnerability from cvelistv5 – Published: 2015-05-14 14:00 – Updated: 2024-08-06 05:47
    VLAI
    Summary
    Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.quassel-irc.org/node/127 x_refsource_CONFIRM
    http://www.debian.org/security/2015/dsa-3258 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/bid/74339 vdb-entryx_refsource_BID
    Date Public
    2015-05-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:47:57.675Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.quassel-irc.org/node/127"
              },
              {
                "name": "DSA-3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3258"
              },
              {
                "name": "74339",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74339"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-05-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \\ (backslash) in a message.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-02T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.quassel-irc.org/node/127"
            },
            {
              "name": "DSA-3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3258"
            },
            {
              "name": "74339",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74339"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-3427",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \\ (backslash) in a message.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.quassel-irc.org/node/127",
                  "refsource": "CONFIRM",
                  "url": "http://www.quassel-irc.org/node/127"
                },
                {
                  "name": "DSA-3258",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3258"
                },
                {
                  "name": "74339",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74339"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-3427",
        "datePublished": "2015-05-14T14:00:00.000Z",
        "dateReserved": "2015-04-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:47:57.675Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2778 (GCVE-0-2015-2778)

    Vulnerability from cvelistv5 – Published: 2015-04-10 14:00 – Updated: 2024-08-06 05:24
    VLAI
    Summary
    Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-02-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:24:38.933Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
              },
              {
                "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
              },
              {
                "name": "openSUSE-SU-2015:0687",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
              },
              {
                "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
              },
              {
                "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
              },
              {
                "name": "73305",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/73305"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-02-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-30T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
            },
            {
              "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
            },
            {
              "name": "openSUSE-SU-2015:0687",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
            },
            {
              "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
            },
            {
              "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
            },
            {
              "name": "73305",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/73305"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-2778",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
                },
                {
                  "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
                },
                {
                  "name": "openSUSE-SU-2015:0687",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
                },
                {
                  "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
                },
                {
                  "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
                },
                {
                  "name": "73305",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/73305"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-2778",
        "datePublished": "2015-04-10T14:00:00.000Z",
        "dateReserved": "2015-03-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:24:38.933Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2779 (GCVE-0-2015-2779)

    Vulnerability from cvelistv5 – Published: 2015-04-10 14:00 – Updated: 2024-08-06 05:24
    VLAI
    Summary
    Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-02-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:24:38.903Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
              },
              {
                "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
              },
              {
                "name": "74048",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74048"
              },
              {
                "name": "openSUSE-SU-2015:0687",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
              },
              {
                "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
              },
              {
                "name": "FEDORA-2015-4689",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163054.html"
              },
              {
                "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
              },
              {
                "name": "FEDORA-2015-4531",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158666.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-02-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-30T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
            },
            {
              "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
            },
            {
              "name": "74048",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74048"
            },
            {
              "name": "openSUSE-SU-2015:0687",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
            },
            {
              "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
            },
            {
              "name": "FEDORA-2015-4689",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163054.html"
            },
            {
              "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
            },
            {
              "name": "FEDORA-2015-4531",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158666.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-2779",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8"
                },
                {
                  "name": "[oss-security] 20150320 CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/20/12"
                },
                {
                  "name": "74048",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74048"
                },
                {
                  "name": "openSUSE-SU-2015:0687",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html"
                },
                {
                  "name": "[oss-security] 20150327 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/27/11"
                },
                {
                  "name": "FEDORA-2015-4689",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163054.html"
                },
                {
                  "name": "[oss-security] 20150328 Re: CVE request: denial of service in Quassel",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/03/28/3"
                },
                {
                  "name": "FEDORA-2015-4531",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158666.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-2779",
        "datePublished": "2015-04-10T14:00:00.000Z",
        "dateReserved": "2015-03-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:24:38.903Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3354 (GCVE-0-2011-3354)

    Vulnerability from cvelistv5 – Published: 2011-10-04 10:00 – Updated: 2024-08-06 23:29
    VLAI
    Summary
    The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/75351 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/45970 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/USN-1200-1 vendor-advisoryx_refsource_UBUNTU
    http://bugs.quassel-irc.org/projects/quassel-irc/… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/49526 vdb-entryx_refsource_BID
    https://bugs.gentoo.org/show_bug.cgi?id=382313 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.openwall.com/lists/oss-security/2011/09/09/7 mailing-listx_refsource_MLIST
    http://www.openwall.com/lists/oss-security/2011/09/08/7 mailing-listx_refsource_MLIST
    Date Public
    2011-09-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:29:56.836Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "75351",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/75351"
              },
              {
                "name": "45970",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/45970"
              },
              {
                "name": "USN-1200-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1200-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp"
              },
              {
                "name": "49526",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49526"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.gentoo.org/show_bug.cgi?id=382313"
              },
              {
                "name": "quasselirc-ctcp-dos(69682)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69682"
              },
              {
                "name": "[oss-security] 20110909 Re: CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/09/7"
              },
              {
                "name": "[oss-security] 20110908 CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/08/7"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-09-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "75351",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/75351"
            },
            {
              "name": "45970",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/45970"
            },
            {
              "name": "USN-1200-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1200-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp"
            },
            {
              "name": "49526",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49526"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=382313"
            },
            {
              "name": "quasselirc-ctcp-dos(69682)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69682"
            },
            {
              "name": "[oss-security] 20110909 Re: CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/09/7"
            },
            {
              "name": "[oss-security] 20110908 CVE request: Quassel \u003c 0.7.3 CTCP request core DoS",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/08/7"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-3354",
        "datePublished": "2011-10-04T10:00:00.000Z",
        "dateReserved": "2011-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:29:56.836Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }