AOH :: HP Unsorted Q :: VA1665.HTM

Quassel connection hijacking



Quassel IRC: connection hijacking
Quassel IRC: connection hijacking



Quassel IRC (http://quassel-irc.org/) is "a modern, cross-platform, 
distributed IRC client".
A vulnerability in the CTCP handling allows an attacker to trick Quassel IRC 
into sending arbitrary commands to the IRC server.
This can be used by an attacker for example to gain operator privileges on a 
channel.

Details
======A CTCP ping where the value contains a CTCP quoted newline ('\020' + 'n') will 
let the Quassel core reply with a message containing an unquoted newline 
('\n'). The IRC server interprets this as a command separator.

Solution
=======This has been fixed in version 0.3.0.2, released Oct 27 2008.

Online version: http://wouter.coekaerts.be/site/security/quassel-ctcp 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.