Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 12 Dec 2015 10:55:10 +0100
From: Pierre Schweitzer <pierre@...ctos.org>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE request: Remote DoS in Quassel

Dear all,

It was discovered and fixed [1] in Quassel, a DoS remotely triggerable
by any client on a Quassel core.

Any client sending the command "/op *" in a query will cause the Quassel
core to crash. I was able to reproduce it with Quassel 0.10.0.

No release has this fix in yet.

Can a CVE be assigned to this issue?

Cheers,

[1]:
https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7
-- 
Pierre Schweitzer <pierre at reactos.org>
System & Network Administrator
Senior Kernel Developer
ReactOS Deutschland e.V.


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ