ID CVE-2015-2778Type cveReporter NVDModified 2016-12-02T22:06:15
Description
Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.
{"title": "CVE-2015-2778", "reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "vulnersScore": 5.0}, "published": "2015-04-10T11:00:04", "cvelist": ["CVE-2015-2778"], "viewCount": 2, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2778", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "2977fc8009d576b90d52c94e2b664f4f", "key": "cpe"}, {"hash": "f0f4674146673314c4c81d2ecd4ade29", "key": "cvelist"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "4b6d785c2c82176d64545995aa9f48cc", "key": "description"}, {"hash": "61799e6c0fe38009d8a7415ff0dd8dc4", "key": "href"}, {"hash": "6dfbc0edf87dea1ecb337548e77c8d9a", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "381068a5f59c067b4bfcee7dd9b32403", "key": "published"}, {"hash": "ff3ee8f223bc141fded970faa1bd7d47", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "519ab847ce20e8111c22055415ce89e8", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2015-04-10T11:00:04", "cvelist": ["CVE-2015-2778"], "title": "CVE-2015-2778", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2778", "bulletinFamily": "NVD", "id": "CVE-2015-2778", "history": [], "scanner": [], "cpe": ["cpe:/a:quassel-irc:quassel:0.11.0"], "modified": "2015-04-10T17:01:57", "hash": "16f402c3e82173295b5da8f66ae884bfd5600eab3d63a88beb9ac62ecb0c2866", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "viewCount": 0, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8", "http://www.openwall.com/lists/oss-security/2015/03/20/12", "http://www.openwall.com/lists/oss-security/2015/03/28/3", "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html", "http://www.openwall.com/lists/oss-security/2015/03/27/11"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "519ab847ce20e8111c22055415ce89e8", "key": "title"}, {"hash": "4b6d785c2c82176d64545995aa9f48cc", "key": "description"}, {"hash": "2977fc8009d576b90d52c94e2b664f4f", "key": "cpe"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "f0f4674146673314c4c81d2ecd4ade29", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "e406f459167740d2de74a26643bc2ee1", "key": "modified"}, {"hash": "61799e6c0fe38009d8a7415ff0dd8dc4", "key": "href"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "381068a5f59c067b4bfcee7dd9b32403", "key": "published"}, {"hash": "92625b28d44af10a08571c1b90200851", "key": "references"}], "lastseen": "2016-09-03T22:24:17", "description": "Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T22:24:17"}], "scanner": [], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "modified": "2016-12-02T22:06:15", "hash": "0c91bbf1f2b33871d22bcf18eb9e48602107681d89e3a3651d3fefa68dda6b37", "cpe": ["cpe:/a:quassel-irc:quassel:0.11.0"], "edition": 2, "description": "Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.", "references": ["https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8", "http://www.openwall.com/lists/oss-security/2015/03/20/12", "http://www.openwall.com/lists/oss-security/2015/03/28/3", "http://lists.opensuse.org/opensuse-updates/2015-04/msg00018.html", "http://www.openwall.com/lists/oss-security/2015/03/27/11", "http://www.securityfocus.com/bid/73305"], "id": "CVE-2015-2778", "lastseen": "2017-04-18T15:56:34", "assessment": {"name": "", "href": "", "system": ""}}
{"nessus": [{"lastseen": "2018-09-02T00:09:16", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=924930", "https://bugzilla.opensuse.org/show_bug.cgi?id=924933"], "pluginID": "82652", "description": "The IRC client quassel was updated to fix two security issues.\n\nThe following vulnerabilities were fixed :\n\n - quassel could crash when receiving an overlength CTCP query containing only multibyte characters (bnc#924930 CVE-2015-2778)\n\n - quassel could incorrectly split a message in the middle of a multibyte character, leading to DoS (bnc#924933 CVE-2015-2779)", "edition": 4, "reporter": "Tenable", "published": "2015-04-09T00:00:00", "title": "openSUSE Security Update : quassel (openSUSE-2015-294)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2779", "CVE-2015-2778"], "modified": "2015-04-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:quassel-core-debuginfo", "p-cpe:/a:novell:opensuse:quassel-mono", "p-cpe:/a:novell:opensuse:quassel-core", "p-cpe:/a:novell:opensuse:quassel-mono-debuginfo", "p-cpe:/a:novell:opensuse:quassel-base", "p-cpe:/a:novell:opensuse:quassel-client-debuginfo", "p-cpe:/a:novell:opensuse:quassel-client", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:quassel-debugsource", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2015-294.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82652", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-294.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82652);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/04/13 14:33:57 $\");\n\n script_cve_id(\"CVE-2015-2778\", \"CVE-2015-2779\");\n\n script_name(english:\"openSUSE Security Update : quassel (openSUSE-2015-294)\");\n script_summary(english:\"Check for the openSUSE-2015-294 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The IRC client quassel was updated to fix two security issues.\n\nThe following vulnerabilities were fixed :\n\n - quassel could crash when receiving an overlength CTCP\n query containing only multibyte characters (bnc#924930\n CVE-2015-2778)\n\n - quassel could incorrectly split a message in the middle\n of a multibyte character, leading to DoS (bnc#924933\n CVE-2015-2779)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=924930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=924933\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quassel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-mono-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-base-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-client-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-client-debuginfo-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-core-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-core-debuginfo-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-debugsource-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-mono-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-mono-debuginfo-0.9.2-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-base-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-client-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-client-debuginfo-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-core-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-core-debuginfo-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-debugsource-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-mono-0.10.0-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"quassel-mono-debuginfo-0.10.0-3.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quassel-base / quassel-client / quassel-client-debuginfo / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
