ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.
Gentoo Linux Security Advisory 201311-3 - Two vulnerabilities in Quassel may result in Denial of Service or SQL injection. Versions less than 0.9.1 are affected.