[email protected]NVD:CVE-2014-8483

HistoryNov 06, 2014 - 3:55 p.m.

CVE-2014-8483

2014-11-0615:55:09

CWE-125

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.034 Low

EPSS

Percentile

91.5%

JSON

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

Affected configurations

NVD

Node

canonicalubuntu_linuxMatch12.04lts

Node

debiandebian_linuxMatch7.0

Node

quassel-ircquassel_ircMatch0.10.0

Node

opensuseopensuseMatch12.3

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

References

bugs.quassel-irc.org/issues/1314

lists.opensuse.org/opensuse-updates/2014-11/msg00028.html

lists.opensuse.org/opensuse-updates/2014-11/msg00046.html

lists.opensuse.org/opensuse-updates/2015-03/msg00068.html

secunia.com/advisories/61932

secunia.com/advisories/62035

secunia.com/advisories/62261

www.debian.org/security/2014/dsa-3063

www.debian.org/security/2014/dsa-3068

www.ubuntu.com/usn/USN-2401-1

github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.034 Low

EPSS

Percentile

91.5%

JSON

Related for NVD:CVE-2014-8483

nessus11 openvas10 debian3 debiancve1 mageia2 osv2 cve1 fedora3 securityvulns4 freebsd1 ubuntucve1 prion1 archlinux1 ubuntu1 cvelist1