Vulnerabilities > CVE-2014-8483 - Out-of-bounds Read vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
canonical
debian
quassel-irc
opensuse
CWE-125
nessus
NVD
Published: 2014-11-06
Updated: 2018-10-30

Summary

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

Vulnerable Configurations

Part Description Count
OS
Canonical
1
OS
Debian
1
OS
Opensuse
3
Application
Quassel-Irc
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3068.NASL
    descriptionIt was discovered that Konversation, an IRC client for KDE, could be crashed when receiving malformed messages using FiSH encryption.
    last seen2020-03-17
    modified2014-11-10
    plugin id79064
    published2014-11-10
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79064
    titleDebian DSA-3068-1 : konversation - security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-168.NASL
    descriptionIt was discovered that Konversation, an IRC client for KDE, could by crashed when receiving malformed messages using FiSH encryption. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-03-26
    plugin id82152
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82152
    titleDebian DLA-168-1 : konversation security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-251.NASL
    descriptionKDE and QT were updated to fix security issues and bugs. The following vulerabilities were fixed : - CVE-2014-0190: Malformed GIF files could have crashed QT based applications - CVE-2015-0295: Malformed BMP files could have crashed QT based applications - CVE-2014-8600: Multiple cross-site scripting (XSS) vulnerabilities in the KDE runtime could have allowed remote attackers to insert arbitrary web script or HTML via crafted URIs using one of several supported URL schemes - CVE-2014-8483: A missing size check in the Blowfish ECB could have lead to a crash of Konversation or 11 byte information leak - CVE-2014-3494: The KMail POP3 kioslave accepted invalid certifiates and allowed a man-in-the-middle (MITM) attack Additionally, Konversation was updated to 1.5.1 to fix bugs.
    last seen2020-06-05
    modified2015-03-24
    plugin id82014
    published2015-03-24
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82014
    titleopenSUSE Security Update : kdebase4-runtime / kdelibs4 / konversation / etc (openSUSE-2015-251)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-638.NASL
    descriptionquassel was updated to fix an out-of-bound read (CVE-2014-8483).
    last seen2020-06-05
    modified2014-11-11
    plugin id79104
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79104
    titleopenSUSE Security Update : quassel (openSUSE-SU-2014:1382-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3063.NASL
    descriptionAn out-of-bounds read vulnerability was discovered in Quassel-core, one of the components of the distributed IRC client Quassel. An attacker can send a crafted message that crash to component causing a denial of services or disclosure of information from process memory.
    last seen2020-03-17
    modified2014-11-04
    plugin id78834
    published2014-11-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78834
    titleDebian DSA-3063-1 : quassel - security update
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2401-1.NASL
    descriptionManuel Nickschas discovered that Konversation did not properly perform input sanitization when using Blowfish ECB encryption. A remote attacker could exploit this to cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id79121
    published2014-11-11
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79121
    titleUbuntu 12.04 LTS : konversation vulnerability (USN-2401-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13791.NASL
    descriptionKonversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. See also: https://konversation.kde.org/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-17
    plugin id79257
    published2014-11-17
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79257
    titleFedora 20 : konversation-1.5.1-1.fc20 (2014-13791)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13702.NASL
    descriptionKonversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. See also: https://konversation.kde.org/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-17
    plugin id79256
    published2014-11-17
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79256
    titleFedora 19 : konversation-1.5.1-1.fc19 (2014-13702)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-659.NASL
    descriptionkonversation was updated to version 1.5.1, fixing bugs and one security issue. Changes : - Konversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. The KDE Platform version dependency has increased to v4.9.0 to gain access to newer Qt socket transport security flags. - Fixed a bug causing wildcards in command alias replacement patterns not to be expanded. - Fixed a bug causing auto-joining of channels not starting in # or & to sometimes fail because the auto-join command was generated before we got the CHANTYPES pronouncement by the server. - Added a size sanity check for incoming Blowfish ECB blocks. The blind assumption of incoming blocks being the expected 12 bytes could lead to a crash or up to 11 byte information leak due to an out-of-bounds read. CVE-2014-8483. - Enabling SSL/TLS support for connections will now advertise the protocols Qt considers secure by default, instead of being hardcoded to TLSv1. - Fixed the bundled
    last seen2020-06-05
    modified2014-11-13
    plugin id79226
    published2014-11-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79226
    titleopenSUSE Security Update : konversation (openSUSE-SU-2014:1406-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13837.NASL
    descriptionKonversation 1.5.1 is a maintenance release containing only bug fixes. The included changes address several minor behavioral defects and a low-risk DoS security defect in the Blowfish ECB support. See also: https://konversation.kde.org/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-12
    plugin id79193
    published2014-11-12
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79193
    titleFedora 21 : konversation-1.5.1-1.fc21 (2014-13837)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_0167F5AD64EA11E498C100269EE29E57.NASL
    descriptionKonversation developers report : Konversation
    last seen2020-06-01
    modified2020-06-02
    plugin id78878
    published2014-11-06
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78878
    titleFreeBSD : Konversation -- out-of-bounds read on a heap-allocated array (0167f5ad-64ea-11e4-98c1-00269ee29e57)

References