Lucene search
UbuntuUSN-2401-1HistoryNov 10, 2014 - 12:00 a.m.
Konversation vulnerability
2014-11-1000:00:00
ubuntu.com
29
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
Releases
- Ubuntu 12.04
Packages
- konversation - Internet Relay Chat (IRC) client for KDE
Details
Manuel Nickschas discovered that Konversation did not properly perform
input sanitization when using Blowfish ECB encryption. A remote attacker
could exploit this to cause a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | konversation | < 1.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | konversation-dbg | < 1.4-1ubuntu2.1 | UNKNOWN |
References
Related
freebsd
freebsd
Konversation -- out-of-bounds read on a heap-allocated array
2014-11-04 00:00:00
nessus
nessus
Debian DSA-3068-1 : konversation - security update
2014-11-10 00:00:00
Ubuntu 12.04 LTS : konversation vulnerability (USN-2401-1)
2014-11-11 00:00:00
Debian DLA-168-1 : konversation security update
2015-03-26 00:00:00
openvas
openvas
Debian Security Advisory DSA 3068-1 (konversation - security update)
2014-11-07 00:00:00
Ubuntu: Security Advisory (USN-2401-1)
2014-11-11 00:00:00
Mageia: Security Advisory (MGASA-2014-0437)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DLA 168-1] konversation security update
2015-03-07 21:38:47
[SECURITY] [DSA 3063-1] quassel security update
2014-11-02 21:31:23
[SECURITY] [DSA 3068-1] konversation security update
2014-11-07 10:07:25
ubuntucve
ubuntucve
CVE-2014-8483
2014-10-29 00:00:00
mageia
mageia
Updated konversation package fixes security vulnerability
2014-10-29 14:30:40
Updated quassel packages fix security vulnerability
2014-10-29 14:30:40
osv
osv
konversation - security update
2014-11-07 00:00:00
quassel - security update
2014-11-02 00:00:00
debiancve
debiancve
CVE-2014-8483
2014-11-06 15:55:09
cve
cve
CVE-2014-8483
2014-11-06 15:55:09
fedora
fedora
[SECURITY] Fedora 20 Update: konversation-1.5.1-1.fc20
2014-11-15 09:10:35
[SECURITY] Fedora 21 Update: konversation-1.5.1-1.fc21
2014-11-12 02:34:43
[SECURITY] Fedora 19 Update: konversation-1.5.1-1.fc19
2014-11-15 09:22:43
securityvulns
securityvulns
[SECURITY] [DSA 3063-1] quassel security update
2014-11-03 00:00:00
KDE Konversation / Quassel IRC memory corruption
2014-12-01 00:00:00
[USN-2401-1] Konversation vulnerability
2014-12-01 00:00:00
prion
prion
Out-of-bounds
2014-11-06 15:55:00
nvd
nvd
CVE-2014-8483
2014-11-06 15:55:09
archlinux
archlinux
konversation: denial of service
2014-11-09 00:00:00
cvelist
cvelist
CVE-2014-8483
2014-11-06 15:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
Related for USN-2401-1