Vulnerabilities > CVE-2015-2778 - Resource Management Errors vulnerability in Quassel-Irc Quassel

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

quassel-irc

CWE-399

nessus

NVD

Published: 2015-04-10

Updated: 2016-12-03

Summary

Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.

Vulnerable Configurations

Part	Description	Count
Application	Quassel-Irc Quassel IRC Quassel 0.1.0 Quassel IRC Quassel 0.2.0 Quassel IRC Quassel 0.3.0 Quassel IRC Quassel 0.3.0.1 Quassel IRC Quassel 0.3.0.2 Quassel IRC Quassel 0.3.0.3 Quassel IRC Quassel 0.3.1 Quassel IRC Quassel 0.4.0 Quassel IRC Quassel 0.4.1 Quassel IRC Quassel 0.4.2 Quassel IRC Quassel 0.4.3 Quassel IRC Quassel 0.5 Quassel IRC Quassel 0.5.0 Quassel IRC Quassel 0.5.1 Quassel IRC Quassel 0.5.2 Quassel IRC Quassel 0.6 Quassel IRC Quassel 0.6.0 Quassel IRC Quassel 0.6.1 Quassel IRC Quassel 0.6.2 Quassel IRC Quassel 0.6.3 Quassel IRC Quassel 0.7 Quassel IRC Quassel 0.7.0 Quassel IRC Quassel 0.7.1 Quassel IRC Quassel 0.7.2 Quassel IRC Quassel 0.7.3 Quassel IRC Quassel 0.7.4 Quassel IRC Quassel 0.8 Quassel IRC Quassel 0.8.0 Quassel IRC Quassel 0.9 Quassel IRC Quassel 0.9.0 Quassel IRC Quassel 0.9.1 Quassel IRC Quassel 0.9.2 Quassel IRC Quassel 0.9.3 Quassel IRC Quassel 0.10 Quassel IRC Quassel 0.10.0 Quassel IRC Quassel 0.10.1 Quassel IRC Quassel 0.11 Quassel IRC Quassel 0.11.0	56

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2015-294.NASL
description	The IRC client quassel was updated to fix two security issues. The following vulnerabilities were fixed : - quassel could crash when receiving an overlength CTCP query containing only multibyte characters (bnc#924930 CVE-2015-2778) - quassel could incorrectly split a message in the middle of a multibyte character, leading to DoS (bnc#924933 CVE-2015-2779)
last seen	2020-06-05
modified	2015-04-09
plugin id	82652
published	2015-04-09
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/82652
title	openSUSE Security Update : quassel (openSUSE-2015-294)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2015-294. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(82652); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2015-2778", "CVE-2015-2779"); script_name(english:"openSUSE Security Update : quassel (openSUSE-2015-294)"); script_summary(english:"Check for the openSUSE-2015-294 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The IRC client quassel was updated to fix two security issues. The following vulnerabilities were fixed : - quassel could crash when receiving an overlength CTCP query containing only multibyte characters (bnc#924930 CVE-2015-2778) - quassel could incorrectly split a message in the middle of a multibyte character, leading to DoS (bnc#924933 CVE-2015-2779)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=924930" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=924933" ); script_set_attribute( attribute:"solution", value:"Update the affected quassel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-core-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-mono"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-mono-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2"); script_set_attribute(attribute:"patch_publication_date", value:"2015/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/09"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.1\|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.1", reference:"quassel-base-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-client-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-client-debuginfo-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-core-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-core-debuginfo-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-debugsource-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-mono-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"quassel-mono-debuginfo-0.9.2-19.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-base-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-client-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-client-debuginfo-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-core-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-core-debuginfo-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-debugsource-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-mono-0.10.0-3.7.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"quassel-mono-debuginfo-0.10.0-3.7.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "quassel-base / quassel-client / quassel-client-debuginfo / etc"); }

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References