Bug 636942 (CVE-2010-3443)

Summary: CVE-2010-3443 quassel: multiple CTCP requests may lead to DoS
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: lorenzo, muep, smparrish
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-06-14 17:05:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 636944    
Bug Blocks:    

Description Vincent Danen 2010-09-23 18:15:11 UTC
Quassel is vulnerable to a denial of service if it receives multiple CTCP requests in one PRIVMSG.  The new version of Quassel (0.6.3 and 0.7) now answer with one packed NOTICE response containing all CTCP replies.

This affects Quassel as provided by Fedora.

References:

[1] http://quassel-irc.org/node/115
[2] http://bugs.quassel-irc.org/issues/1024
[3] http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/fdec4a88742d1586a5fdfad767151c72a4a82af2/diff

Comment 1 Vincent Danen 2010-09-23 18:16:21 UTC
Created quassel tracking bugs for this issue

Affects: fedora-all [bug 636944]

Comment 2 Vincent Danen 2010-10-01 19:59:26 UTC
This has been assigned the name CVE-2010-3443.

Comment 3 Joonas Sarajärvi 2010-10-25 06:51:23 UTC
This was reported over a month ago, and there is a bugfix release available that claims to fix this. Could the updated version be made available at least in Fedora 13 updates-testing?

Comment 4 Vincent Danen 2011-06-14 17:05:17 UTC
Fixed in Fedora, 20111107, via quassel-0.7.1-1.fc* (new upstream version)