CVE-2011-3354

Published Oct 4, 2011

Last updated 7 years ago

CVSS info 5.0

Overview

Description: The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6600ADB-EC8E-400D-B5C6-2E70A2DD10B9",
            "versionEndIncluding": "0.7.2"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8CEE378-4AF3-460B-983A-99ABC3FAB0A5"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E0D72A3-0BE8-491E-BA40-DF3048B38664"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AE5E456-0265-4680-B74B-BE41DEF4E4E3"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43387717-B4F1-458D-952D-A488B68A42BD"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C7CDBAF-7E56-4E28-89BB-40345D44224A"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "382FDF17-58BA-494F-965B-AE89536AD355"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2FDCEE3-3196-4FD3-8947-BA0A8AC13C79"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "958D78B5-F69C-4B62-B442-D73081C37E28"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C079B355-6BFB-4EBC-916D-B3CD6C825D38"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79524C6D-EE5D-42EF-9BCF-1E878026DA21"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0E50F5F-6E73-4447-A437-B6825A2581E1"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1929DC3-9B22-40FB-9027-16A472D5791F"
          },
          {
            "criteria": "cpe:2.3:a:quassel-irc:quassel:0.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "991CC3AE-CE18-4256-9666-1F0A08532D55"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References