Upstream information
Description
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
National Vulnerability Database | SUSE | |
---|---|---|
Base Score | 5 | 1.2 |
Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P | AV:L/AC:H/Au:N/C:P/I:N/A:N |
Access Vector | Network | Local |
Access Complexity | Low | High |
Authentication | None | None |
Confidentiality Impact | None | Partial |
Integrity Impact | None | None |
Availability Impact | Partial | None |
SUSE Security Advisories:
- openSUSE-SU-2014:1382-1
openSUSE-SU-2014:1406-1
openSUSE-SU-2015:0573-1
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Leap 15.0 |
| Patchnames: openSUSE Leap 15.0 GA konversation-1.7.4-lp150.2.1 |
openSUSE Leap 15.2 |
| Patchnames: openSUSE Leap 15.2 GA konversation-1.7.5-lp152.3.14 |
openSUSE Leap 15.3 |
| Patchnames: openSUSE Leap 15.3 GA konversation-1.7.5-bp153.1.25 |
openSUSE Leap 15.4 |
| Patchnames: openSUSE Leap 15.4 GA konversation-21.12.3-bp154.1.33 |
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024-10238 |
SUSE Timeline for this CVE
CVE page created: Mon Oct 27 06:38:27 2014CVE page last modified: Sat Jun 15 22:22:11 2024