oss-sec mailing list archives
CVE request: denial of service in Quassel
From: Pierre Schweitzer <pierre () reactos org>
Date: Fri, 20 Mar 2015 17:22:53 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear all, The following commit fixed a denial of service in quassel: https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8 It allows a connected client to cause a core crash by sending a CTCP request which would be too long and multibyte. This is mitigated by the fact that it requires an authed user. With my best regards, - -- Pierre Schweitzer <pierre () reactos org> System & Network Administrator Senior Kernel Developer ReactOS Deutschland e.V. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVDEldAAoJEHVFVWw9WFsLeaQP/0zUGaXiZUsJRbZod5ZqrMXb oUJ+FVfhDTyWZNFbyNb6Pi76STyQHCZwggzR90ay/oBqn7toya9SLHASamjHSBY4 VeJI7q+KaM2/T9YwTVMU0WLB6gPjkR4/jQf0aE1Fdf5yRGejybybA5ffdvbJjYSs du+uwsWOCztIohbm9vAH+bQCIPD+BjJzpAgsJ88SgfGMa3JZSah1pYfKh4StesYR 7SCx/R6WTJBqrrnfvUldUdcvF/5S8LGOtJoTAZi2QJZNZNBmZhntJ9QadCWuYTfX mcxRZVuZrmcZ5mH4jiP4J8KoFdGzoHO4mTT2vc8g8EGkGcQ8aflAbA9Ngg4z/vyR yZT0A+4fEYH5qh1QyIYiz2j+i4GXshcr/hS+NKStb30inj8fE5fnN8OAMjOPxd7O gVZJv38XHurPtCDUuo/BTWX2CKgyRvikK33sJXN0eDx/tQCnMk+W+g1Ur+ujCgpO vPW/Sv+301goGHZoobmWBic0gR2zUFeb/8FbTBnqA979DzUUCY712P/TX6vvhwnB oryfwvuLNPGjsbT2KyLi9u3jyJnO5dAw2gmFsVSz2hk+874kkuV/cYq28HEdLTe/ 1kSbEkEBZx7y5ksUZzp514j9RUUGNK/ZXZZz9GJkIEDlO19pmF/7SpgdFW/de6Kr Jpv+YbGqoIljb8c79IbX =GmZ8 -----END PGP SIGNATURE-----
Current thread:
- CVE request: denial of service in Quassel Pierre Schweitzer (Mar 20)
- Re: CVE request: denial of service in Quassel Pierre Schweitzer (Mar 27)
- Re: CVE request: denial of service in Quassel cve-assign (Mar 27)
- Re: CVE request: denial of service in Quassel Pierre Schweitzer (Mar 27)
- Re: CVE request: denial of service in Quassel cve-assign (Mar 27)
- Re: CVE request: denial of service in Quassel Pierre Schweitzer (Mar 27)