CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection (e.g. when the backend PostgreSQL server is restarted)."> OVAL Reference oval:org.cisecurity:def:145 - CERT Civis.Net
Oval Definition:oval:org.cisecurity:def:145
Revision Date:2016-02-08Version:2
Title:DSA-3258-1 -- quassel -- security update
Description:It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection (e.g. when the backend PostgreSQL server is restarted).
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2015-3427
DSA-3258-1
Platform(s):Debian 8
Product(s):quassel
Definition Synopsis
  • Debian 8 is installed
  • AND quassel is earlier than 1:0.10.0-2.3+deb8u1
    • BACK