[v3.0] quassel: denial of service (CVE-2015-2778, CVE-2015-2779)
Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters (CVE-2015-2778).
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage (CVE-2015-2779).
References:
http://seclists.org/oss-sec/2015/q1/903
CONFIRM:
https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2779
(from redmine: issue id 4148, created on 2015-05-11, closed on 2017-09-05)
- Relations:
- relates #4220 (closed)
- parent #4146