ID CVE-2015-8547
Summary The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
References
Vulnerable Configurations
  • Quassel-IRC Quassel 0.10.0
    cpe:2.3:a:quassel-irc:quassel:0.10.0
  • openSUSE Leap 42.1
    cpe:2.3:o:opensuse:leap:42.1
  • OpenSUSE 13.1
    cpe:2.3:o:opensuse:opensuse:13.1
  • OpenSUSE 13.2
    cpe:2.3:o:opensuse:opensuse:13.2
CVSS
Base: 5.0 (as of 13-01-2016 - 11:01)
Impact:
Exploitability:
CWE CWE-17
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_9E7306B9A5C311E5B86414DAE9D210B8.NASL
    description Pierre Schweitzer reports : Any client sending the command '/op *' in a query will cause the Quassel core to crash.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 87542
    published 2015-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87542
    title FreeBSD : quassel -- remote denial of service (9e7306b9-a5c3-11e5-b864-14dae9d210b8)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-7F0B1E47AC.NASL
    description Added security fix for CVE-2015-8547 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 89571
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89571
    title Fedora 23 : quassel-0.12.2-6.fc23 (2016-7f0b1e47ac)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-938.NASL
    description Quassel was updated to fix a remote DoS security issue. The following vulnerability was fixed : - CVE-2015-8547: Remote DoS in Quassel core
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 87617
    published 2015-12-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87617
    title openSUSE Security Update : quassel (openSUSE-2015-938)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-3BC3D7F66E.NASL
    description Added security fix for CVE-2015-8547 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 89517
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89517
    title Fedora 22 : quassel-0.12.2-6.fc22 (2016-3bc3d7f66e)
refmap via4
confirm
fedora
  • FEDORA-2016-3bc3d7f66e
  • FEDORA-2016-7f0b1e47ac
mlist
  • [oss-security] 20151212 CVE request: Remote DoS in Quassel
  • [oss-security] 20151212 Re: CVE request: Remote DoS in Quassel
suse openSUSE-SU-2015:2345
Last major update 07-12-2016 - 13:28
Published 08-01-2016 - 14:59
Last modified 30-10-2018 - 12:27
Back to Top