Vulnerability Report

CVE-2011-3354

Title: Quassel-Irc Quassel Denial of Service (DoS)

DoS

Proof Of Concept

No public PoC currently indexed for CVE-2011-3354.

CWE Category CWE-399

Published Date Oct 04, 2011

Modified Date Apr 29, 2026

Exploit Status Not Found

Score 5.0 CVSS v2.0

Exploit Probability (EPSS)

1.62%

Vulnerability Summary

CVE-2011-3354: The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.

Impacted Vendors

quassel-irc 1

Reference Links

http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp http://osvdb.org/75351 http://secunia.com/advisories/45970 http://www.openwall.com/lists/oss-security/2011/09/08/7 http://www.openwall.com/lists/oss-security/2011/09/09/7 http://www.securityfocus.com/bid/49526 http://www.ubuntu.com/usn/USN-1200-1 https://bugs.gentoo.org/show_bug.cgi?id=382313 https://exchange.xforce.ibmcloud.com/vulnerabilities/69682 http://bugs.quassel-irc.org/projects/quassel-irc/repository/revisions/da215fcb9cd3096a3e223c87577d5d4ab8f8518b/diff/src/core/ctcpparser.cpp http://osvdb.org/75351 http://secunia.com/advisories/45970 http://www.openwall.com/lists/oss-security/2011/09/08/7 http://www.openwall.com/lists/oss-security/2011/09/09/7 http://www.securityfocus.com/bid/49526 http://www.ubuntu.com/usn/USN-1200-1 https://bugs.gentoo.org/show_bug.cgi?id=382313 https://exchange.xforce.ibmcloud.com/vulnerabilities/69682

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

5.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:N/I:N/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2011-3354 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 29, 2026 MODIFIED

Vulnerability data updated via NVD.

April 11, 2025 MODIFIED

Vulnerability data or affected products updated.

October 04, 2011 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected Stack

No specific products linked.