Vulnerability CVE-2013-6404

Vulnerability Name:

CVE-2013-6404 (CCN-89377)

Assigned:

2013-11-28

Published:

2013-11-28

Updated:

2017-08-29

Summary:

Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2013-6404

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2013:1929

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:0114

Source: OSVDB
Type: UNKNOWN
100432

Source: CCN
Type: Quassel IRC Web site
Quassel IRC

Source: CONFIRM
Type: Patch, Vendor Advisory
http://quassel-irc.org/node/123

Source: CCN
Type: oss-sec Mailing List, Thu, 28 Nov 2013 01:05:39 -0700
Re: CVE Request: Quassel IRC - manipulated clients can access backlog of all users on a shared core

Source: CCN
Type: SA55640
Quassel IRC Backlog Access Bypass Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
55640

Source: MLIST
Type: UNKNOWN
[oss-security] 20131127 Re: CVE Request: Quassel IRC - manipulated clients can access backlog of all users on a shared core

Source: CCN
Type: OSVDB ID: 100432
Quassel IRC Crafted Request Arbitrary User Backlog Remote Disclosure

Source: CCN
Type: BID-63980
Quassel IRC CVE-2013-6404 Security Bypass Vulnerability

Source: XF
Type: UNKNOWN
quasselirc-cve20136404-sec-bypass(89377)

Source: XF
Type: UNKNOWN
quasselirc-cve20136404-sec-bypass(89377)

Source: CONFIRM
Type: Exploit, Patch
https://github.com/quassel/quassel/commit/a1a24da

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2013-6404

Vulnerable Configuration:

Configuration 1:

cpe:/a:quassel-irc:quassel_irc:0.9.0:*:*:*:*:*:*:*

OR cpe:/a:quassel-irc:quassel_irc:*:*:*:*:*:*:*:* (Version <= 0.9.1)

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20136404	V	CVE-2013-6404	2017-03-01
oval:com.ubuntu.precise:def:20136404000	V	CVE-2013-6404 on Ubuntu 12.04 LTS (precise) - low.	2013-12-09

BACK