23 matches found
EUVD-2013-6225
Malware in sbrugna...
EUVD-2008-5628
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1000178
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessageconst QByteArray &msg datastreampeer.cpp...
Linux Distros Unpatched Vulnerability : CVE-2018-1000179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handleconst Login &msg coreauthhandler.cpp line...
UBUNTU-CVE-2018-1000179
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handleconst Login &msg coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service...
DEBIAN-CVE-2018-1000178
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessageconst QByteArray &msg datastreampeer.cpp line 62 that allows an attacker to execute code remotely...
quasselcore denial of service vulnerability
Quassel aka Quassel IRC is a cross-platform distributed IRC chat client developed by the Quassel IRC team , which is developed using the QT application framework , PostgreSQL database to store data . A security vulnerability exists in CoreAuthHandler::handleconst Login &msg in the...
quassel-core: denial of service
CVE-2016-4414 denial of service It was found that quasselcore is vulnerable to a denial of service attack by unauthenticated clients. The protocol negotiation did not take into account lack of a match, in which case PeerFactory::createPeer returns a nullptr, which is immediately dereferenced...
Updated quassel packages fix security vulnerability
The Quassel core could be crashed by a client using the op command, causing a denial of service CVE-2015-8547...
quassel -- remote denial of service
Pierre Schweitzer reports: Any client sending the command "/op " in a query will cause the Quassel core to crash...
DEBIAN-CVE-2013-6404
Quassel core server daemon in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in 1 16/selectbufferbyid.sql, 2 16/selectbufferbyid.sql, and 3 16/selectbufferbyid.sql i...
CVE-2013-6404
Affected software : Quassel IRC – Quassel core (server daemon) prior to version 0.9.2. Vulnerability : Improper verification of the user ID when accessing user backlogs, allowing remote authenticated users to read other users’ backlogs via the bufferid in specific SQL queries (core/SQL/PostgreSQL...
CVE-2013-6404
Quassel core server daemon in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in 1 16/selectbufferbyid.sql, 2 16/selectbufferbyid.sql, and 3 16/selectbufferbyid.sql i...
USN-1230-1: Quassel vulnerability
Felix Geyer discovered that the quassel-core post installation script created data and logging directories which were readable by all users. The post installation script also generated a certificate, in the data directory, which was readable by all users...
Ubuntu 10.04 LTS / 10.10 / 11.04 : quassel vulnerability (USN-1230-1)
Felix Geyer discovered that the quassel-core post installation script created data and logging directories which were readable by all users. The post installation script also generated a certificate, in the data directory, which was readable by all users. Note that Tenable Network Security has...
Crlf injection
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message...
CVE-2008-5657
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message...
CVE-2008-5657
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message...
DEBIAN-CVE-2008-5657
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message...
CVE-2008-5657
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message...