FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

quassel -- remote denial of service

Affected packages
quassel < 0.12.4

Details

VuXML ID 7d64d00c-43e3-11e6-ab34-002590263bf5
Discovery 2016-04-24
Entry 2016-07-07

Mitre reports:

The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.

References

CVE Name CVE-2016-4414
URL http://quassel-irc.org/node/129
URL http://www.openwall.com/lists/oss-security/2016/04/30/2
URL http://www.openwall.com/lists/oss-security/2016/04/30/4
URL https://github.com/quassel/quassel/commit/e678873