PT-2008-6710 · Quassel · Quassel Core

Coekie

Published

2008-12-17

Updated

2017-08-08

CVE-2008-5657

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Quassel Core versions prior to 0.3.0.3

Description A CRLF injection issue allows remote attackers to spoof IRC messages as other users via a crafted CTCP message.

Recommendations For versions prior to 0.3.0.3, update to version 0.3.0.3 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2008-5657

Quassel Core