CVE-2007-0157 - Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly o

CVE-2007-0157

Summary

Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.

References

Vulnerable Configurations

cpe:2.3:a:neon:neon:0.26.0:*:*:*:*:*:*:*
cpe:2.3:a:neon:neon:0.26.0:*:*:*:*:*:*:*
cpe:2.3:a:neon:neon:0.26.1:*:*:*:*:*:*:*
cpe:2.3:a:neon:neon:0.26.1:*:*:*:*:*:*:*
cpe:2.3:a:neon:neon:0.26.2:*:*:*:*:*:*:*
cpe:2.3:a:neon:neon:0.26.2:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 08-03-2011 - 02:48)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	22035
confirm	http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723;msg=5;att=2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723 http://www.webdav.org/cadaver/
mandriva	MDKSA-2007:013
mlist	[cadaver] 20070123 release 0.22.5 [neon] 20070107 invalid chars cause sigserv in neon
osvdb	39247
secunia	23751 23763 23984
suse	SUSE-SR:2007:002
vupen	ADV-2007-0172 ADV-2007-0362

statements via4

contributor	Mark J Cox
lastmodified	2007-01-15
organization	Red Hat
statement	Not vulnerable. This issue does not affect the older versions of neon as shipped with Red Hat Enterprise Linux 2.1, 3, and 4. This issue also does not affect the older versions of neon included in the cadaver package.

Last major update

08-03-2011 - 02:48

Published

09-01-2007 - 21:28

Last modified

08-03-2011 - 02:48