11 matches found
Gentoo Security Advisory GLSA 201311-03
Gentoo Linux Local Security Checks GLSA 201311-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
openSUSE Security Update : quassel (openSUSE-2015-376)
The distributed IRC client quassel was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-3427: The SQL injection fix for CVE-2013-4422 was incomplete boo928728 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Sql injection
Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ backslash in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422...
Debian DSA-3258-1 : quassel - security update
It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection e.g. when the backend PostgreSQL server is restarted. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...
Debian Security Advisory DSA 3258-1 (quassel - security update)
It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection e.g. when the backend PostgreSQL server is restarted. OpenVAS Vulnerability Test $Id: deb3258.nasl 6609...
Quassel IRC -- SQL injection vulnerability
Quassel IRC developers report: Restarting a PostgreSQL database while Quassel Core is running would not properly re-initialize the database session inside Quassel, bringing back an old security issue CVE-2013-4422...
Fedora Update for quassel FEDORA-2014-1734
Check for the Version of quassel OpenVAS Vulnerability Test Fedora Update for quassel FEDORA-2014-1734 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2013-4422
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...
CVE-2013-4422
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...
MGASA-2013-0311 Updated quassel packages fix CVE-2013-4422
Updated quassel packages fix security vulnerability: Quassel IRC before 0.9.1 is vulnerable to SQL injection if used with Qt 4.8.5, due to a change in Qt's postgres driver, allowing other IRC users to trick the Quassel core into executing SQL queries CVE-2013-4422. This update provides Quassel...
Updated quassel packages fix CVE-2013-4422
Updated quassel packages fix security vulnerability: Quassel IRC before 0.9.1 is vulnerable to SQL injection if used with Qt 4.8.5, due to a change in Qt's postgres driver, allowing other IRC users to trick the Quassel core into executing SQL queries CVE-2013-4422. This update provides Quassel...