Lucene search
Gentoo FoundationMGASA-2015-0175HistoryMay 01, 2015 - 12:57 a.m.
Updated quassel packages fix CVE-2015-3427
2015-05-0100:57:25
Gentoo Foundation
advisories.mageia.org
3
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.9%
Updated quassel packages fix security vulnerability: Quassel is vulnerable to SQL injection through its use of Qt’s postgres driver. If the PostgreSQL server is restarted or the connection is lost at any point, other IRC users may be able to trick the Quassel core into executing SQL queries upon reconnection (CVE-2015-3427).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 4 | noarch | quassel | < 0.9.2-1.3 | quassel-0.9.2-1.3.mga4 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0175)
2022-01-28 00:00:00
Debian Security Advisory DSA 3258-1 (quassel - security update)
2015-05-12 00:00:00
Debian: Security Advisory (DSA-3258-1)
2015-05-11 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3258-1] quassel security update
2015-05-12 00:00:00
quassel SQL injection
2015-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2015-3427
2015-05-14 00:00:00
debian
debian
[SECURITY] [DSA 3258-1] quassel security update
2015-05-12 19:41:07
nessus
nessus
Debian DSA-3258-1 : quassel - security update
2015-05-13 00:00:00
openSUSE Security Update : quassel (openSUSE-2015-376)
2015-05-26 00:00:00
prion
prion
Sql injection
2015-05-14 14:59:00
debiancve
debiancve
CVE-2015-3427
2015-05-14 14:59:00
freebsd
freebsd
Quassel IRC -- SQL injection vulnerability
2015-04-23 00:00:00
cve
cve
CVE-2015-3427
2015-05-14 14:59:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.9%
Related for MGASA-2015-0175