Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-3354

The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.

Related bugs and status

CVE-2011-3354 (Candidate) is related to these bugs:

Bug #845707: remote DoS

		In	Importance	Status
845707	remote DoS	quassel (Ubuntu)	Medium	Fix Released
845707	remote DoS	quassel (Ubuntu Lucid)	Medium	Fix Released
845707	remote DoS	quassel (Ubuntu Maverick)	Medium	Fix Released
845707	remote DoS	quassel (Ubuntu Natty)	Medium	Fix Released
845707	remote DoS	quassel (Ubuntu Oneiric)	Medium	Fix Released
845707	remote DoS	maverick-backports	Undecided	Fix Released
845707	remote DoS	Lucid Backports	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://osvdb.org/75351
MISC: http://www.ubuntu.com/...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://bugs.quassel-ir...
MISC: https://bugs.gentoo.or...
MISC: https://exchange.xforc...