Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.20 views

Gentoo Security Advisory GLSA 201311-03

Gentoo Linux Local Security Checks GLSA 201311-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.8CVSS7.2AI score0.0211EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/05/26 12:0 a.m.27 views

openSUSE Security Update : quassel (openSUSE-2015-376)

The distributed IRC client quassel was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-3427: The SQL injection fix for CVE-2013-4422 was incomplete boo928728 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

7.5CVSS7.3AI score0.0211EPSS
Exploits0References3
Prion
Prion
added 2015/05/14 2:59 p.m.14 views

Sql injection

Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ backslash in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422...

7.5CVSS7.8AI score0.0211EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2015/05/13 12:0 a.m.26 views

Debian DSA-3258-1 : quassel - security update

It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection e.g. when the backend PostgreSQL server is restarted. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

7.5CVSS7.4AI score0.0211EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/05/12 12:0 a.m.23 views

Debian Security Advisory DSA 3258-1 (quassel - security update)

It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection e.g. when the backend PostgreSQL server is restarted. OpenVAS Vulnerability Test $Id: deb3258.nasl 6609...

7.5CVSS0.6AI score0.0211EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/04/23 12:0 a.m.33 views

Quassel IRC -- SQL injection vulnerability

Quassel IRC developers report: Restarting a PostgreSQL database while Quassel Core is running would not properly re-initialize the database session inside Quassel, bringing back an old security issue CVE-2013-4422...

6.8CVSS6.4AI score0.0211EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2014/03/04 12:0 a.m.19 views

Fedora Update for quassel FEDORA-2014-1734

Check for the Version of quassel OpenVAS Vulnerability Test Fedora Update for quassel FEDORA-2014-1734 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS7.5AI score0.0211EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2013/10/23 4:54 p.m.33 views

CVE-2013-4422

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...

6.8CVSS7.3AI score0.0211EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2013/10/23 3:0 p.m.31 views

CVE-2013-4422

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...

6.8CVSS8.2AI score0.0211EPSS
Exploits0
OSV
OSV
added 2013/10/17 7:49 p.m.7 views

MGASA-2013-0311 Updated quassel packages fix CVE-2013-4422

Updated quassel packages fix security vulnerability: Quassel IRC before 0.9.1 is vulnerable to SQL injection if used with Qt 4.8.5, due to a change in Qt's postgres driver, allowing other IRC users to trick the Quassel core into executing SQL queries CVE-2013-4422. This update provides Quassel...

6.8CVSS7.2AI score0.0211EPSS
Exploits0References4
Mageia
Mageia
added 2013/10/17 7:49 p.m.30 views

Updated quassel packages fix CVE-2013-4422

Updated quassel packages fix security vulnerability: Quassel IRC before 0.9.1 is vulnerable to SQL injection if used with Qt 4.8.5, due to a change in Qt's postgres driver, allowing other IRC users to trick the Quassel core into executing SQL queries CVE-2013-4422. This update provides Quassel...

6.8CVSS3.7AI score0.0211EPSS
Exploits0References3
Rows per page
Query Builder