Unrated severityNVD Advisory· Published Dec 17, 2008· Updated Apr 23, 2026
CVE-2008-5657
CVE-2008-5657
Description
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message.
Affected products
13cpe:2.3:a:quassel:quassel_core:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:quassel:quassel_core:*:*:*:*:*:*:*:*range: <=0.3.0.2
- cpe:2.3:a:quassel:quassel_core:0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:pre:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:quassel:quassel_core:0.3.0:pre:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- quassel-irc.org/node/89nvdPatchVendor Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvd
- secunia.com/advisories/32470nvd
- secunia.com/advisories/32692nvd
- wouter.coekaerts.be/site/security/quassel-ctcpnvd
- www.securityfocus.com/archive/1/497882/30/0/threadednvd
- www.securityfocus.com/archive/1/497884nvd
- www.securityfocus.com/bid/31973nvd
- www.vupen.com/english/advisories/2008/3164nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46195nvd
- www.redhat.com/archives/fedora-package-announce/2008-November/msg00354.htmlnvd
News mentions
0No linked articles in our index yet.