7 matches found
MGASA-2018-0243 Updated quassel packages fix security vulnerabilities
A heap corruption exists in quassel version 0.12.4 in quasselcore that allows an attacker to execute code remotely CVE-2018-1000178. A NULL Pointer Dereference exists in quassel version 0.12.4 in the quasselcore that allows an atacker to denial of service by attempting a login when the database i...
Updated quassel packages fix CVE-2016-4414
Updated quassel packages fix security vulnerability: It was found that quasselcore is vulnerable to a denial of service attack by unauthenticated clients. The protocol negotiation did not take into account lack of a match in handshake data, in which case PeerFactory::createPeer returns a nullptr,...
MGASA-2016-0166 Updated quassel packages fix CVE-2016-4414
Updated quassel packages fix security vulnerability: It was found that quasselcore is vulnerable to a denial of service attack by unauthenticated clients. The protocol negotiation did not take into account lack of a match in handshake data, in which case PeerFactory::createPeer returns a nullptr,...
MGASA-2015-0475 Updated quassel packages fix security vulnerability
The Quassel core could be crashed by a client using the op command, causing a denial of service CVE-2015-8547...
Updated quassel packages fix security vulnerabilities
Updated quassel packages fix security vulnerabilities: Quassel could crash when receiving an overlength CTCP query containing only multibyte characters CVE-2015-2778. Quassel could incorrectly split a message in the middle of a multibyte character, leading to a denial of service CVE-2015-2779...
Updated quassel packages fix security vulnerability
Due to and out-of-bounds read issue in Quassel core in The ECB Blowfish decryption function, a malicious client can cause either denial of service or disclosure of information from process memory by using an improperly formed message CVE-2014-8483...
MGASA-2014-0436 Updated quassel packages fix security vulnerability
Due to and out-of-bounds read issue in Quassel core in The ECB Blowfish decryption function, a malicious client can cause either denial of service or disclosure of information from process memory by using an improperly formed message CVE-2014-8483...