A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.