Lucene search

K

PRIOn knowledge basePRION:CVE-2011-3354

HistoryOct 04, 2011 - 10:55 a.m.

Design/Logic Flaw

2011-10-0410:55:00

PRIOn knowledge base

www.prio-n.com

3

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.038 Low

EPSS

Percentile

91.6%

The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.

CPENameOperatorVersion
quasseleq0.4.0
quasseleq0.3.1
quasseleq0.3.0
quasseleq0.5.0
quasseleq0.5.2
quasseleq0.7.1
quasseleq0.4.3
quasseleq0.4.1
quasseleq0.5.1
quasseleq0.7.0

Rows per page:

1-10 of 141

References

bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp

osvdb.org/75351

secunia.com/advisories/45970

www.openwall.com/lists/oss-security/2011/09/08/7

www.openwall.com/lists/oss-security/2011/09/09/7

www.securityfocus.com/bid/49526

www.ubuntu.com/usn/USN-1200-1

bugs.gentoo.org/show_bug.cgi?id=382313

exchange.xforce.ibmcloud.com/vulnerabilities/69682

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.038 Low

EPSS

Percentile

91.6%

Related for PRION:CVE-2011-3354

openvas7 nessus3 fedora3 debiancve1 ubuntucve1 cve1