Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3427HistoryMay 14, 2015 - 2:59 p.m.
CVE-2015-3427
2015-05-1414:59:00
Debian Security Bug Tracker
security-tracker.debian.org
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.9%
Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | quassel | < 1:0.10.0-2.4 | quassel_1:0.10.0-2.4_all.deb |
| Debian | 11 | all | quassel | < 1:0.10.0-2.4 | quassel_1:0.10.0-2.4_all.deb |
| Debian | 10 | all | quassel | < 1:0.10.0-2.4 | quassel_1:0.10.0-2.4_all.deb |
| Debian | 999 | all | quassel | < 1:0.10.0-2.4 | quassel_1:0.10.0-2.4_all.deb |
| Debian | 13 | all | quassel | < 1:0.10.0-2.4 | quassel_1:0.10.0-2.4_all.deb |
Related
securityvulns
securityvulns
quassel SQL injection
2015-05-12 00:00:00
[SECURITY] [DSA 3258-1] quassel security update
2015-05-12 00:00:00
nessus
nessus
FreeBSD : Quassel IRC -- SQL injection vulnerability (49d9c28c-fbad-11e4-b0fb-00269ee29e57)
2015-05-18 00:00:00
Debian DSA-3258-1 : quassel - security update
2015-05-13 00:00:00
openSUSE Security Update : quassel (openSUSE-2015-376)
2015-05-26 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3258-1)
2015-05-11 00:00:00
Debian Security Advisory DSA 3258-1 (quassel - security update)
2015-05-12 00:00:00
Fedora Update for quassel FEDORA-2014-1734
2014-03-04 00:00:00
cve
cve
CVE-2015-3427
2015-05-14 14:59:00
CVE-2013-4422
2013-10-23 16:54:00
ubuntucve
ubuntucve
CVE-2015-3427
2015-05-14 00:00:00
CVE-2013-4422
2013-10-23 00:00:00
debian
debian
[SECURITY] [DSA 3258-1] quassel security update
2015-05-12 19:41:07
prion
prion
Sql injection
2015-05-14 14:59:00
Sql injection
2013-10-23 16:54:00
freebsd
freebsd
Quassel IRC -- SQL injection vulnerability
2015-04-23 00:00:00
Quassel IRC -- SQL injection vulnerability
2013-10-07 00:00:00
mageia
mageia
Updated quassel packages fix CVE-2013-4422
2013-10-17 23:49:10
Updated quassel packages fix CVE-2015-3427
2015-05-01 00:57:25
fedora
fedora
[SECURITY] Fedora 20 Update: quassel-0.9.2-1.fc20
2014-02-26 13:46:09
[SECURITY] Fedora 19 Update: quassel-0.9.2-1.fc19
2014-02-26 14:03:33
osv
osv
quassel - security update
2015-05-12 00:00:00
debiancve
debiancve
CVE-2013-4422
2013-10-23 16:54:00
gentoo
gentoo
Quassel: Multiple Vulnerabilities
2013-11-07 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.9%
Related for DEBIANCVE:CVE-2015-3427