CVE-2011-3354
Published: 9 September 2011
The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.
Notes
Author | Note |
---|---|
jdstrand | remote DoS being actively exploited CVE requested on oss-security |
Priority
Status
Package | Release | Status |
---|---|---|
quassel Launchpad, Ubuntu, Debian |
upstream |
Released
(0.7.3)
|
hardy |
Does not exist
|
|
lucid |
Released
(0.6.1-0ubuntu1.2)
|
|
maverick |
Released
(0.7.1-0ubuntu1.1)
|
|
natty |
Released
(0.7.2-0ubuntu2.2)
|
|
Patches: other: http://git.quassel-irc.org/?p=quassel.git;a=commit;h=da215fcb9cd3096a3e223c87577d5d4ab8f8518b |