Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 382313 (CVE-2011-3354) - <net-irc/quassel-0.7.3 CTCP request Core DoS (CVE-2011-3354)
Summary: <net-irc/quassel-0.7.3 CTCP request Core DoS (CVE-2011-3354)
Status: RESOLVED FIXED
Alias: CVE-2011-3354
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: http://git.quassel-irc.org/?p=quassel...
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-08 20:10 UTC by Alex Legler (RETIRED)
Modified: 2011-10-08 00:58 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2011-09-08 20:10:23 UTC
CtcpParser::packedReply in src/core/ctcpparser.cpp in Quassel does not process certain CTCP requests correctly, allowing a remote attacker connected to the same IRC network as the victim to cause a Denial of Service condition by sending specially crafted CTCP requests. This was demonstrated in various exploits on freenode today.

Fixed in git commit in $URL, released as quassel-0.7.3.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-09-08 20:10:54 UTC
Maintainers: Can we stabilize 0.7.3?
Comment 2 Tomáš Chvátal (RETIRED) gentoo-dev 2011-09-08 20:15:39 UTC
Amd64 and x86 stable, works on both chroots.

Anything else? :)
Comment 3 Agostino Sarubbo gentoo-dev 2011-09-09 10:02:53 UTC
Already stable by Tomas. Adding glsa vote request.
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2011-09-09 15:05:51 UTC
Thanks, folks. GLSA Vote: no.
Comment 5 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-09-09 18:47:06 UTC
NO too. Closing noglsa.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2011-10-08 00:58:40 UTC
CVE-2011-3354 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3354):
  The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before
  0.7.3 allows remote attackers to cause a denial of service (crash) via a
  crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the
  wild in September 2011.