ID CVE-2016-4414
Summary The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
References
Vulnerable Configurations
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha2:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha3:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha4:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha5:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.3.0:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.3.0:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.5:rc2:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.5:rc2:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.6:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.6:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.6:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.6:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.8:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.8:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.8:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.8:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.8:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.8:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.10:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.10:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.10:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.10:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.10:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.10:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.11:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.11:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12:beta1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12:beta1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12:pre:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12:pre:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12:rc1:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12:rc1:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quassel-irc:quassel:0.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:quassel-irc:quassel:0.12.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm
fedora
  • FEDORA-2016-0431acaa78
  • FEDORA-2016-42f30d76a0
  • FEDORA-2016-bf916bcc04
mlist
  • [oss-security] 20160430 CVE request - Quassel IRC denial of service
  • [oss-security] 20160430 Re: CVE request - Quassel IRC denial of service
suse openSUSE-SU-2016:1314
Last major update 30-10-2018 - 16:27
Published 13-06-2016 - 19:59
Last modified 30-10-2018 - 16:27
Back to Top