[Pkg-kde-extras] Bug#896914: Bug#896914: quassel: Implement custom deserializer to add our own sanity checks

Scott Kitterman sklist at kitterman.com
Wed Apr 25 23:05:21 BST 2018


Issue descriptions from Gentoo (input for DSA text).  I'm not sure issue 2 is really a security issue.

Vuln 1:
Title: quasselcore, corruption of heap metadata caused by qdatastream
leading to preauth remote code execution.
Severity: high, by default the server port is publicly open and the address
can be requested using the /WHOIS command of IRC protocol.
Description: In QDataStream protocol each object is prepended with 4 bytes
for the object size, this can be used to trigger allocation errors.


Vuln 2:
Title: quasselcore DDOS
Severity: low, impacts only a quasselcore not configured.
Description: A login attempt causes a NULL pointer dereference when
the database is not initialized.

Scott K
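
The kind of sanity check the bug title asks for, applied to the 4-byte size prefix from Vuln 1. This is an added example, not part of the original message and not Quassel's or Qt's code: readSizedObject, ReadError and the kMaxObjectSize cap are hypothetical names and values, and the prefix is read big-endian (QDataStream's default byte order).

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical cap on a single serialized object; an assumption of this
// example, not a value taken from Quassel or Qt.
constexpr std::uint32_t kMaxObjectSize = 64 * 1024;

enum class ReadError { None, Truncated, TooLarge, LengthExceedsInput };

struct ReadResult {
    ReadError error = ReadError::None;
    std::vector<std::uint8_t> payload;  // filled only when error == None
    std::size_t consumed = 0;           // bytes used from the input
};

// Reads one object framed as: 4-byte big-endian size, then `size` bytes.
// The size comes from the peer, so it is checked against a fixed cap and
// against the bytes actually received before anything is allocated.
ReadResult readSizedObject(const std::uint8_t* buf, std::size_t len) {
    ReadResult r;
    if (len < 4) { r.error = ReadError::Truncated; return r; }
    const std::uint32_t size = (std::uint32_t(buf[0]) << 24) |
                               (std::uint32_t(buf[1]) << 16) |
                               (std::uint32_t(buf[2]) << 8) |
                                std::uint32_t(buf[3]);
    if (size > kMaxObjectSize) { r.error = ReadError::TooLarge; return r; }
    // Compare with the remaining length instead of computing 4 + size,
    // so the check itself cannot wrap around.
    if (size > len - 4) { r.error = ReadError::LengthExceedsInput; return r; }
    r.payload.assign(buf + 4, buf + 4 + size);
    r.consumed = 4 + std::size_t(size);
    return r;
}

int main() {
    // Constructed inputs: a well-formed frame and one with an oversized prefix.
    const std::uint8_t ok[]  = {0, 0, 0, 3, 'a', 'b', 'c'};
    const std::uint8_t bad[] = {0xFF, 0xFF, 0xFF, 0xF0, 'x'};
    std::printf("ok:  error=%d\n", int(readSizedObject(ok, sizeof ok).error));
    std::printf("bad: error=%d\n", int(readSizedObject(bad, sizeof bad).error));
    return 0;
}
```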


