Vulnerabilites related to quassel-irc - quassel_irc
cve-2010-3443
Vulnerability from cvelistv5
Published
2013-11-23 11:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.quassel-irc.org/?p=quassel.git%3Ba=commitdiff%3Bh=a4ca568cdf68cf4a0343eb161518dc8e50cea87d | x_refsource_CONFIRM | |
| http://bugs.quassel-irc.org/issues/1023 | x_refsource_CONFIRM | |
| http://bugs.quassel-irc.org/issues/1024 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55581 | third-party-advisory, x_refsource_SECUNIA | |
| http://ubuntu.com/usn/usn-991-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://quassel-irc.org/node/115 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-201311-03.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:43.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.quassel-irc.org/?p=quassel.git%3Ba=commitdiff%3Bh=a4ca568cdf68cf4a0343eb161518dc8e50cea87d"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.quassel-irc.org/issues/1023"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.quassel-irc.org/issues/1024"
},
{
"name": "55581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55581"
},
{
"name": "USN-991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-991-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://quassel-irc.org/node/115"
},
{
"name": "GLSA-201311-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-23T18:10:04",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.quassel-irc.org/?p=quassel.git%3Ba=commitdiff%3Bh=a4ca568cdf68cf4a0343eb161518dc8e50cea87d"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.quassel-irc.org/issues/1023"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.quassel-irc.org/issues/1024"
},
{
"name": "55581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55581"
},
{
"name": "USN-991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-991-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://quassel-irc.org/node/115"
},
{
"name": "GLSA-201311-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3443",
"datePublished": "2013-11-23T11:00:00",
"dateReserved": "2010-09-17T00:00:00",
"dateUpdated": "2024-08-07T03:11:43.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6404
Vulnerability from cvelistv5
Published
2013-12-09 11:00
Modified
2024-08-06 17:39
Severity ?
EPSS score ?
Summary
Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/quassel/quassel/commit/a1a24da | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2013/11/28/8 | mailing-list, x_refsource_MLIST | |
| http://quassel-irc.org/node/123 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/89377 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/55640 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html | vendor-advisory, x_refsource_SUSE | |
| http://osvdb.org/100432 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/quassel/quassel/commit/a1a24da"
},
{
"name": "openSUSE-SU-2013:1929",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html"
},
{
"name": "[oss-security] 20131127 Re: CVE Request: Quassel IRC - manipulated clients can access backlog of all users on a shared core",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/28/8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://quassel-irc.org/node/123"
},
{
"name": "quasselirc-cve20136404-sec-bypass(89377)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89377"
},
{
"name": "55640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55640"
},
{
"name": "openSUSE-SU-2014:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html"
},
{
"name": "100432",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/100432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users\u0027 backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/quassel/quassel/commit/a1a24da"
},
{
"name": "openSUSE-SU-2013:1929",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html"
},
{
"name": "[oss-security] 20131127 Re: CVE Request: Quassel IRC - manipulated clients can access backlog of all users on a shared core",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/11/28/8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://quassel-irc.org/node/123"
},
{
"name": "quasselirc-cve20136404-sec-bypass(89377)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89377"
},
{
"name": "55640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55640"
},
{
"name": "openSUSE-SU-2014:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html"
},
{
"name": "100432",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/100432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users\u0027 backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/quassel/quassel/commit/a1a24da",
"refsource": "CONFIRM",
"url": "https://github.com/quassel/quassel/commit/a1a24da"
},
{
"name": "openSUSE-SU-2013:1929",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html"
},
{
"name": "[oss-security] 20131127 Re: CVE Request: Quassel IRC - manipulated clients can access backlog of all users on a shared core",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/11/28/8"
},
{
"name": "http://quassel-irc.org/node/123",
"refsource": "CONFIRM",
"url": "http://quassel-irc.org/node/123"
},
{
"name": "quasselirc-cve20136404-sec-bypass(89377)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89377"
},
{
"name": "55640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55640"
},
{
"name": "openSUSE-SU-2014:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html"
},
{
"name": "100432",
"refsource": "OSVDB",
"url": "http://osvdb.org/100432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6404",
"datePublished": "2013-12-09T11:00:00",
"dateReserved": "2013-11-04T00:00:00",
"dateUpdated": "2024-08-06T17:39:01.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8483
Vulnerability from cvelistv5
Published
2014-11-06 15:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/61932 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html | vendor-advisory, x_refsource_SUSE | |
| http://www.ubuntu.com/usn/USN-2401-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://secunia.com/advisories/62261 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.debian.org/security/2014/dsa-3063 | vendor-advisory, x_refsource_DEBIAN | |
| http://bugs.quassel-irc.org/issues/1314 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html | vendor-advisory, x_refsource_SUSE | |
| http://www.debian.org/security/2014/dsa-3068 | vendor-advisory, x_refsource_DEBIAN | |
| http://secunia.com/advisories/62035 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html | vendor-advisory, x_refsource_SUSE | |
| https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:18:48.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61932"
},
{
"name": "openSUSE-SU-2014:1406",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html"
},
{
"name": "USN-2401-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2401-1"
},
{
"name": "62261",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62261"
},
{
"name": "DSA-3063",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3063"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.quassel-irc.org/issues/1314"
},
{
"name": "openSUSE-SU-2015:0573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"name": "DSA-3068",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3068"
},
{
"name": "62035",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62035"
},
{
"name": "openSUSE-SU-2014:1382",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-25T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61932"
},
{
"name": "openSUSE-SU-2014:1406",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html"
},
{
"name": "USN-2401-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2401-1"
},
{
"name": "62261",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62261"
},
{
"name": "DSA-3063",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3063"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.quassel-irc.org/issues/1314"
},
{
"name": "openSUSE-SU-2015:0573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"name": "DSA-3068",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3068"
},
{
"name": "62035",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62035"
},
{
"name": "openSUSE-SU-2014:1382",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61932"
},
{
"name": "openSUSE-SU-2014:1406",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html"
},
{
"name": "USN-2401-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2401-1"
},
{
"name": "62261",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62261"
},
{
"name": "DSA-3063",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3063"
},
{
"name": "http://bugs.quassel-irc.org/issues/1314",
"refsource": "CONFIRM",
"url": "http://bugs.quassel-irc.org/issues/1314"
},
{
"name": "openSUSE-SU-2015:0573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"name": "DSA-3068",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3068"
},
{
"name": "62035",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62035"
},
{
"name": "openSUSE-SU-2014:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html"
},
{
"name": "https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138",
"refsource": "CONFIRM",
"url": "https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8483",
"datePublished": "2014-11-06T15:00:00",
"dateReserved": "2014-10-24T00:00:00",
"dateUpdated": "2024-08-06T13:18:48.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4422
Vulnerability from cvelistv5
Published
2013-10-23 15:00
Modified
2024-08-06 16:45
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://quassel-irc.org/node/120 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55194 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/55581 | third-party-advisory, x_refsource_SECUNIA | |
| http://bugs.quassel-irc.org/issues/1244 | x_refsource_CONFIRM | |
| http://seclists.org/oss-sec/2013/q4/74 | mailing-list, x_refsource_MLIST | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/87805 | vdb-entry, x_refsource_XF | |
| http://security.gentoo.org/glsa/glsa-201311-03.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/62923 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:13.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://quassel-irc.org/node/120"
},
{
"name": "55194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55194"
},
{
"name": "55581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.quassel-irc.org/issues/1244"
},
{
"name": "[oss-security] 20131010 Re: CVE Request - Quassel IRC SQL injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q4/74"
},
{
"name": "quasselirc-backslash-sql-injection(87805)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805"
},
{
"name": "GLSA-201311-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
},
{
"name": "62923",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \\ (backslash) in a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://quassel-irc.org/node/120"
},
{
"name": "55194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55194"
},
{
"name": "55581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.quassel-irc.org/issues/1244"
},
{
"name": "[oss-security] 20131010 Re: CVE Request - Quassel IRC SQL injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q4/74"
},
{
"name": "quasselirc-backslash-sql-injection(87805)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805"
},
{
"name": "GLSA-201311-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
},
{
"name": "62923",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62923"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4422",
"datePublished": "2013-10-23T15:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:45:13.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-12-09 16:36
Modified
2024-11-21 01:59
Severity ?
Summary
Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| quassel-irc | quassel_irc | * | |
| quassel-irc | quassel_irc | 0.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0D0C0E-20AB-469F-BF5C-E30A9D6174E7",
"versionEndIncluding": "0.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE271B1C-BB4D-43BD-804A-02A56AFE1D98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users\u0027 backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/."
},
{
"lang": "es",
"value": "Quassel core (server daemon) en Quassel IRC anteriores a 0.9.2 no verifica correctamente el ID del usuario cuando accede a backlogs de usuario, lo cual permite a usuarios autenticados remotamente leer backlogs de otros usuarios a trav\u00e9s del bufferid en (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, y (3) 16/select_buffer_by_id.sql en core/SQL/PostgreSQL/."
}
],
"id": "CVE-2013-6404",
"lastModified": "2024-11-21T01:59:09.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-09T16:36:47.283",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/100432"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://quassel-irc.org/node/123"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55640"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/11/28/8"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89377"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/quassel/quassel/commit/a1a24da"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/100432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://quassel-irc.org/node/123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/11/28/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/quassel/quassel/commit/a1a24da"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-06 15:55
Modified
2024-11-21 02:19
Severity ?
Summary
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| debian | debian_linux | 7.0 | |
| quassel-irc | quassel_irc | 0.10.0 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D62A66D6-7508-4333-A414-4102CBB072F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string."
},
{
"lang": "es",
"value": "La funci\u00f3n blowfishECB en core/cipher.cpp en Quassel IRC 0.10.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) a trav\u00e9s de una cadena malformada."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/125.html\"\u003eCWE-125: Out-of-bounds Read\u003c/a\u003e",
"id": "CVE-2014-8483",
"lastModified": "2024-11-21T02:19:09.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-06T15:55:09.523",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://bugs.quassel-irc.org/issues/1314"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61932"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62035"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62261"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3063"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3068"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2401-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://bugs.quassel-irc.org/issues/1314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2401-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-23 16:54
Modified
2024-11-21 01:55
Severity ?
Summary
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "170E86C5-BBF5-428C-ADA6-3A15EBDA4E19",
"versionEndIncluding": "0.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1433FF02-5809-4437-81C9-F3DDBEEBDF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "757EAC47-2700-4328-91AA-E530629C1ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C753CCF-AA7D-4691-87A2-E9D8E3C6B907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01E3D0A4-E754-4730-B926-FEDEE7967356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A85C99B-79A9-4FAF-BA6F-C4137D9FA709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "862BCFFB-C188-423B-B66B-B34E65958F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34CDFCD1-7992-4AAC-9357-1B20C477A3D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "297A53B8-257A-4730-A745-06451A993DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "831DBB69-C22C-466A-AA01-F8D89AF2516B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A85F092-B58B-461C-A81C-C237EBEB9575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B40EF-B855-4CE4-B1D2-9FEA960C2F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C0DA4-45C8-4D40-9736-CCF133629C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68EE8417-05A3-4CAB-8540-20DD34EB6E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0887210F-24D0-4E24-87B4-0F07764CA891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FEC0F5-4EAE-48EE-848C-E3BD14CCE65D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06385037-D229-4A07-B1A6-1989BDA19C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EA572CB3-5A7F-4BBC-B01D-97412ECE3CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7079BD-A592-4947-86CB-A1CEAC0B1207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C40856E-C88B-42D1-B5A7-F1E1E5FFDD59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7000F-0920-4CFC-8619-7C49F6120FF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7213327F-6909-43A7-952E-11600C28D4E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10EF0EA6-C8B6-40A7-A3AE-8639CA94D5C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F645F3-9767-4FD8-94EB-1096DF24E6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C342A823-EF6F-4557-9F9E-D8893EA4C2BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B85A443F-0802-412F-9AEE-3525311C93D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06253BA8-7F1E-4C79-9B2E-197307A627F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2A213AB8-A5FE-4062-B895-2FC4B19F60A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3F083E-59A8-41B1-826F-2CA39BD425C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DE49E2D5-8EAC-49C7-B704-E626FBE7EC35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A5059B2F-B588-463E-8E96-BC9DA129C12E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C919AF97-9713-44F8-B742-89C438DB0B48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "400BBC62-5D03-465B-A864-9CD479B963F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8C96F7-7F85-4E47-A05F-15E3C70AF583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6C236CF1-72C0-4C3D-AE04-B67E3F18EEC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC98D47-8B3C-4DE6-8C45-F5B92266027F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C170C441-619A-48DB-9332-05FA4E62C342",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "053A2531-CFAA-466D-811C-A6154826D596",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "84A3D04C-2739-474C-B659-CBCFA574198B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8D38CF1E-A944-4F7A-BECE-F8DF2589C873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A705DF-3654-427F-8B11-62DB0B6C9813",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05AD5D33-86F4-4BFF-BA84-02AA1347BEEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "02FDCF30-D0F7-48AA-9633-9CC060495F47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "788975F6-B3F1-4C21-B963-6BA59F14B71C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6713D96-338B-4467-9F05-3153997F62E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "01EB1A77-92AD-47FB-8290-D05C9B6C19C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "74857259-30C7-422D-A24D-BE1E33F09466",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD80066B-787E-496B-88FD-F0AE291468C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "88C9F0AB-A125-4DCD-A02B-E04D4D95FB5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF13F89-F4C3-43EC-A36A-2F9283E923B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F2631F09-73DD-4A28-8082-3939D89DDBE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "82DDE9E7-EBF9-452B-8380-F9E87CF30ACA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4BAE68CF-198D-4F01-92F3-4DED7E50ACA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EF798CBC-C8BB-4F88-A927-B385A0DD8F19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F568F-7D23-4553-95C5-C7C6B6584EB7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB64EA-DE7B-4CA4-8121-90612409152D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7A932403-9187-471B-BE65-4B6907D57D1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC6D76B-EF54-4F03-84BB-4CEAE31C4FFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4CDA93-AEF6-489E-A5A1-BDC62BC9707B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "6866FCCB-1E43-4D8A-BC89-F06CB7A904B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1198129D-E814-4BB8-88DA-E500EB65E01D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "1937DF43-31CA-4AB8-8832-96AAD73A7FCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "59AC452F-3902-4E6C-856D-469C87AAC1C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F30CA60-0A82-45CD-8044-CE245393593D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C991F71-1E27-47A6-97DC-424FC3EF6011",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5740C7AA-1772-41D8-9851-3E3669CD8521",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "970338CD-A680-4DD0-BD27-459B0DDA4002",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A99C579D-44C0-40A4-A4EB-CBCF40D0C2FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9E57FA-5EAE-4698-992D-146C6310E0B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C66CDEC1-FB2E-49B7-A8BE-38E43C8ED652",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "87DF2937-9C51-4768-BAB1-901BCA636ADD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "515C0ECD-2D95-4B6E-8E2F-DAF94E4A310F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0EB754-7A71-40FA-9EAD-44914EB758C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1089D316-D5A3-4F2D-9E52-57FD626A1D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F17D9158-E85A-4436-9180-E8546CF8F290",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "64CBBE6E-8FDA-46AD-96A9-8C6CFFE97ABC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A0D13E-6B06-42E9-BEB9-C8FCC3A4E2ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AB79FB06-4712-4DE8-8C0B-5CEE8530828D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7054A3D4-8C52-4636-B135-1078B8DF1D5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A6763B2A-00C4-4AAB-8769-9AAEE4BAA603",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD4DE67-9E3C-4F79-8AAB-344C1C46C618",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB718D2-97AA-4D61-AA4B-2216EEF55F67",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "605C06BF-54A0-40F8-A01E-8641B4A83035",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1F5B75-78D5-408E-8148-CA23DCED9CBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE8C27-0E0A-4428-B25D-054D4FC6FEA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F609DDE4-0858-4F83-B8E6-7870196E21CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "349F02AF-013E-4264-9717-010293A3D6E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "047926F2-846A-4870-9640-9A4F2804D71B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0165D8-0BFA-4D46-95A3-45A03DC086FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6CF6A0-43DC-4C64-A3C4-01EB36F6672B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8251C0-9CAE-4608-BC11-75646A601408",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AC024E5D-122D-4E3D-AD24-759AB5940F20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "723336B5-405A-4236-A507-2C26E591CF49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4796DBEC-FF4F-4749-90D5-AD83D8B5E086",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79108278-D644-4506-BD9C-F464C6E817B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10CF0AA0-41CD-4D50-BA7A-BF8846115C95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "965E1A9D-BB23-4C0B-A9CA-54A1855055B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F37C66-0AFE-4D59-8867-BDBCE656774E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE53AE6-232C-4068-98D1-7749007C3CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD38139-FD17-41E7-8D10-7731D8203CFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC0B41F-38FF-4D41-9E31-D666A84BB2FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A591CB08-5CEB-45EB-876F-417DCD60AF53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD27648F-E2FF-4779-97F9-2632DCC6B16D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFB4916-8B59-4534-804C-CF9DA1B18508",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3413A3AB-45A3-48E1-9B30-1194C4E7D49D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5760CE83-4802-42A0-9338-E1E634882450",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "170E86C5-BBF5-428C-ADA6-3A15EBDA4E19",
"versionEndIncluding": "0.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1433FF02-5809-4437-81C9-F3DDBEEBDF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "757EAC47-2700-4328-91AA-E530629C1ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C753CCF-AA7D-4691-87A2-E9D8E3C6B907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01E3D0A4-E754-4730-B926-FEDEE7967356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A85C99B-79A9-4FAF-BA6F-C4137D9FA709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "862BCFFB-C188-423B-B66B-B34E65958F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34CDFCD1-7992-4AAC-9357-1B20C477A3D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "297A53B8-257A-4730-A745-06451A993DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "831DBB69-C22C-466A-AA01-F8D89AF2516B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A85F092-B58B-461C-A81C-C237EBEB9575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B40EF-B855-4CE4-B1D2-9FEA960C2F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C0DA4-45C8-4D40-9736-CCF133629C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68EE8417-05A3-4CAB-8540-20DD34EB6E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0887210F-24D0-4E24-87B4-0F07764CA891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FEC0F5-4EAE-48EE-848C-E3BD14CCE65D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06385037-D229-4A07-B1A6-1989BDA19C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EA572CB3-5A7F-4BBC-B01D-97412ECE3CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7079BD-A592-4947-86CB-A1CEAC0B1207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C40856E-C88B-42D1-B5A7-F1E1E5FFDD59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7000F-0920-4CFC-8619-7C49F6120FF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qt:qt:4.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581FF62C-BD93-485C-A5BA-E5EBFEDC45C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:qt:qt:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03C7E11D-AA2C-48BB-8C50-B04E5CD3A7C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:qt:qt:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E30B4386-B419-46B7-945F-C04F79600708",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \\ (backslash) in a message."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Quassel IRC anterior a la versi\u00f3n 0.9.1, cuando Qt 4.8.5 o posteriores y PostgreSQL 8.2 o posteriores son usados, permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de una \\ (barra invertida) en un mensaje."
}
],
"id": "CVE-2013-4422",
"lastModified": "2024-11-21T01:55:32.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-23T16:54:28.907",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.quassel-irc.org/issues/1244"
},
{
"source": "secalert@redhat.com",
"url": "http://quassel-irc.org/node/120"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/oss-sec/2013/q4/74"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55194"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55581"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/62923"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.quassel-irc.org/issues/1244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://quassel-irc.org/node/120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2013/q4/74"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/62923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-23 11:55
Modified
2024-11-21 01:18
Severity ?
Summary
ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| quassel-irc | quassel_irc | * | |
| quassel-irc | quassel_irc | 0.1.0 | |
| quassel-irc | quassel_irc | 0.3.0 | |
| quassel-irc | quassel_irc | 0.3.0.1 | |
| quassel-irc | quassel_irc | 0.3.0.2 | |
| quassel-irc | quassel_irc | 0.3.0.3 | |
| quassel-irc | quassel_irc | 0.3.1 | |
| quassel-irc | quassel_irc | 0.4.0 | |
| quassel-irc | quassel_irc | 0.4.1 | |
| quassel-irc | quassel_irc | 0.4.2 | |
| quassel-irc | quassel_irc | 0.4.3 | |
| quassel-irc | quassel_irc | 0.5.0 | |
| quassel-irc | quassel_irc | 0.6.1 | |
| quassel-irc | quassel_irc | 0.7.0 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| canonical | ubuntu_linux | 10.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "384843FB-51ED-43F4-ABA1-08850242F1DE",
"versionEndIncluding": "0.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1433FF02-5809-4437-81C9-F3DDBEEBDF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "757EAC47-2700-4328-91AA-E530629C1ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C753CCF-AA7D-4691-87A2-E9D8E3C6B907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01E3D0A4-E754-4730-B926-FEDEE7967356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A85C99B-79A9-4FAF-BA6F-C4137D9FA709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "862BCFFB-C188-423B-B66B-B34E65958F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34CDFCD1-7992-4AAC-9357-1B20C477A3D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "297A53B8-257A-4730-A745-06451A993DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "831DBB69-C22C-466A-AA01-F8D89AF2516B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A85F092-B58B-461C-A81C-C237EBEB9575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B40EF-B855-4CE4-B1D2-9FEA960C2F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C0DA4-45C8-4D40-9736-CCF133629C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quassel-irc:quassel_irc:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FEC0F5-4EAE-48EE-848C-E3BD14CCE65D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message."
},
{
"lang": "es",
"value": "ctcphandler.cpp en Quassel anterior a la versi\u00f3n 0.6.3 y 0.7.x anterior a 0.7.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (IRC sin respuesta) a trav\u00e9s de m\u00faltiples peticiones Client-To-Client Protocol (CTCP) en un mensaje PRIVMSG."
}
],
"id": "CVE-2010-3443",
"lastModified": "2024-11-21T01:18:45.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-23T11:55:04.163",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.quassel-irc.org/issues/1023"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.quassel-irc.org/issues/1024"
},
{
"source": "secalert@redhat.com",
"url": "http://git.quassel-irc.org/?p=quassel.git%3Ba=commitdiff%3Bh=a4ca568cdf68cf4a0343eb161518dc8e50cea87d"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://quassel-irc.org/node/115"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55581"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://ubuntu.com/usn/usn-991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.quassel-irc.org/issues/1023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.quassel-irc.org/issues/1024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.quassel-irc.org/?p=quassel.git%3Ba=commitdiff%3Bh=a4ca568cdf68cf4a0343eb161518dc8e50cea87d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://quassel-irc.org/node/115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201311-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-991-1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}