Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 382313 (CVE-2011-3354)

Summary: <net-irc/quassel-0.7.3 CTCP request Core DoS (CVE-2011-3354)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: patrick, scarabeus, sputnick
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.quassel-irc.org/?p=quassel.git;a=commit;h=da215fcb9cd3096a3e223c87577d5d4ab8f8518b
Whiteboard: B3 [noglsa]
Package list:
Runtime testing required: ---

Description Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-09-08 20:10:23 UTC
CtcpParser::packedReply in src/core/ctcpparser.cpp in Quassel does not process certain CTCP requests correctly, allowing a remote attacker connected to the same IRC network as the victim to cause a Denial of Service condition by sending specially crafted CTCP requests. This was demonstrated in various exploits on freenode today.

Fixed in git commit in $URL, released as quassel-0.7.3.
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-09-08 20:10:54 UTC
Maintainers: Can we stabilize 0.7.3?
Comment 2 Tomáš Chvátal (RETIRED) gentoo-dev 2011-09-08 20:15:39 UTC
Amd64 and x86 stable, works on both chroots.

Anything else? :)
Comment 3 Agostino Sarubbo gentoo-dev 2011-09-09 10:02:53 UTC
Already stable by Tomas. Adding glsa vote request.
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2011-09-09 15:05:51 UTC
Thanks, folks. GLSA Vote: no.
Comment 5 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-09-09 18:47:06 UTC
NO too. Closing noglsa.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2011-10-08 00:58:40 UTC
CVE-2011-3354 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3354):
  The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before
  0.7.3 allows remote attackers to cause a denial of service (crash) via a
  crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the
  wild in September 2011.