5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
High
0.034 Low
EPSS
Percentile
91.5%
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
bugs.quassel-irc.org/issues/1314
lists.opensuse.org/opensuse-updates/2014-11/msg00028.html
lists.opensuse.org/opensuse-updates/2014-11/msg00046.html
lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
secunia.com/advisories/61932
secunia.com/advisories/62035
secunia.com/advisories/62261
www.debian.org/security/2014/dsa-3063
www.debian.org/security/2014/dsa-3068
www.ubuntu.com/usn/USN-2401-1
github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138