PT-2008-6710 · Quassel · Quassel Core

Coekie

Publicado

2008-12-17

Atualizado

2017-08-08

CVE-2008-5657

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Quassel Core versions prior to 0.3.0.3

Description A CRLF injection issue allows remote attackers to spoof IRC messages as other users via a crafted CTCP message.

Recommendations For versions prior to 0.3.0.3, update to version 0.3.0.3 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2008-5657

Quassel Core