Tucos

**Name of the Vulnerable Software and Affected Versions** Quassel versions prior to 0.12.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash due to a NULL pointer dereference. This occurs when the `onReadyRead` function in `coreauthhandler.cpp` processes invalid handshake data. **Recommendations** For versions prior to 0.12.4, update to version 0.12.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `onReadyRead` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Quassel IRC version 0.10.0 **Description** The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by providing a malformed string to the blowfishECB function in core/cipher.cpp. **Recommendations** For Quassel IRC version 0.10.0, consider disabling the blowfishECB function as a temporary workaround until a patch is available.