Bug #1023
Possible DoS attack vulnerability for multiple CTCP requests
| Status: | Resolved | Start date: | 09/21/2010 | |
|---|---|---|---|---|
| Priority: | High | Due date: | 09/21/2010 | |
| Assignee: | EgS | % Done: | 100% | |
| Category: | Quassel Core | |||
| Target version: | 0.6.3 | |||
| Version: | 0.6.2 | OS: | Any |
Description
Thanks to Jima for reporting and supporting.
History
#1 Updated by johu over 2 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
If we receive multiple CTCP requests in one PRIVMSG we now answer with one packed NOTICE containing all CTCP replies. This fixes a possible DoS Attack rendering Quassels IRC connection useless. Upgrading is strongly recommended. Thanks to Jima for reporting and supporting.
fixed with a4ca568c