CVE-2007-0157 (GCVE-0-2007-0157)

Vulnerability from cvelistv5 – Published: 2007-01-09 21:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/23984 third-party-advisoryx_refsource_SECUNIA
http://mailman.webdav.org/pipermail/neon/2007-Jan… mailing-listx_refsource_MLIST
http://bugs.debian.org/cgi-bin/bugreport.cgi/neon… x_refsource_CONFIRM
http://www.webdav.org/cadaver/ x_refsource_CONFIRM
http://mailman.webdav.org/pipermail/cadaver/2007-… mailing-listx_refsource_MLIST
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723 x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/bid/22035 vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2007/0172 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/23763 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0362 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/23751 third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/39247 vdb-entryx_refsource_OSVDB
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:12:16.464Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23984",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23984"
          },
          {
            "name": "[neon] 20070107 invalid chars cause sigserv in neon",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.webdav.org/cadaver/"
          },
          {
            "name": "[cadaver] 20070123 release 0.22.5",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"
          },
          {
            "name": "MDKSA-2007:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"
          },
          {
            "name": "SUSE-SR:2007:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"
          },
          {
            "name": "22035",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22035"
          },
          {
            "name": "ADV-2007-0172",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0172"
          },
          {
            "name": "23763",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23763"
          },
          {
            "name": "ADV-2007-0362",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0362"
          },
          {
            "name": "23751",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23751"
          },
          {
            "name": "39247",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39247"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-01-19T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "23984",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23984"
        },
        {
          "name": "[neon] 20070107 invalid chars cause sigserv in neon",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.webdav.org/cadaver/"
        },
        {
          "name": "[cadaver] 20070123 release 0.22.5",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"
        },
        {
          "name": "MDKSA-2007:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"
        },
        {
          "name": "SUSE-SR:2007:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"
        },
        {
          "name": "22035",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22035"
        },
        {
          "name": "ADV-2007-0172",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0172"
        },
        {
          "name": "23763",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23763"
        },
        {
          "name": "ADV-2007-0362",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0362"
        },
        {
          "name": "23751",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23751"
        },
        {
          "name": "39247",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39247"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0157",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23984",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23984"
            },
            {
              "name": "[neon] 20070107 invalid chars cause sigserv in neon",
              "refsource": "MLIST",
              "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723;msg=5;att=2",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723;msg=5;att=2"
            },
            {
              "name": "http://www.webdav.org/cadaver/",
              "refsource": "CONFIRM",
              "url": "http://www.webdav.org/cadaver/"
            },
            {
              "name": "[cadaver] 20070123 release 0.22.5",
              "refsource": "MLIST",
              "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"
            },
            {
              "name": "MDKSA-2007:013",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"
            },
            {
              "name": "SUSE-SR:2007:002",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"
            },
            {
              "name": "22035",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22035"
            },
            {
              "name": "ADV-2007-0172",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0172"
            },
            {
              "name": "23763",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23763"
            },
            {
              "name": "ADV-2007-0362",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0362"
            },
            {
              "name": "23751",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23751"
            },
            {
              "name": "39247",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39247"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0157",
    "datePublished": "2007-01-09T21:00:00",
    "dateReserved": "2007-01-09T00:00:00",
    "dateUpdated": "2024-08-07T12:12:16.464Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:neon:neon:0.26.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CA5EF13-02E0-414E-8076-9E8CF8791C61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:neon:neon:0.26.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2538986-65F3-4E52-BD74-E31728B14A45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:neon:neon:0.26.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D48115F0-4B06-4C4C-8969-7F0518C46257\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.\"}, {\"lang\": \"es\", \"value\": \"Error de \\u00edndice de array en la funci\\u00f3n uri_lookup del int\\u00e9rprete de URI para neon 0.26.0 hasta 0.26.2, posiblemente s\\u00f3lo en plataformas de 54 bits, permite a servidores remotos maliciosos provocar una denegaci\\u00f3n de servicio (ca\\u00edda) mediante un URI con caracteres no-ASCII, lo que dispara una lectura de b\\u00fafer por debajo del l\\u00edmite inferior debido a un error de conversi\\u00f3n de tipos que genera un \\u00edndice negativo.\"}]",
      "id": "CVE-2007-0157",
      "lastModified": "2024-11-21T00:25:07.620",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-01-09T21:28:00.000",
      "references": "[{\"url\": \"http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://mailman.webdav.org/pipermail/neon/2007-January/002362.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/39247\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23751\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23763\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23984\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:013\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2007_02_sr.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/22035\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0172\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0362\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.webdav.org/cadaver/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://mailman.webdav.org/pipermail/neon/2007-January/002362.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/39247\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/23751\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/23763\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/23984\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:013\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2007_02_sr.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/22035\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0172\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0362\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.webdav.org/cadaver/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"Not vulnerable.  This issue does not affect the older versions of neon as shipped with Red Hat Enterprise Linux 2.1, 3, and 4.  This issue also does not affect the older versions of neon included in the cadaver package.\", \"lastModified\": \"2007-01-15T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-0157\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-01-09T21:28:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.\"},{\"lang\":\"es\",\"value\":\"Error de \u00edndice de array en la funci\u00f3n uri_lookup del int\u00e9rprete de URI para neon 0.26.0 hasta 0.26.2, posiblemente s\u00f3lo en plataformas de 54 bits, permite a servidores remotos maliciosos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un URI con caracteres no-ASCII, lo que dispara una lectura de b\u00fafer por debajo del l\u00edmite inferior debido a un error de conversi\u00f3n de tipos que genera un \u00edndice negativo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:neon:neon:0.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CA5EF13-02E0-414E-8076-9E8CF8791C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:neon:neon:0.26.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2538986-65F3-4E52-BD74-E31728B14A45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:neon:neon:0.26.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D48115F0-4B06-4C4C-8969-7F0518C46257\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://mailman.webdav.org/pipermail/neon/2007-January/002362.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/39247\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23751\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23763\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23984\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:013\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_02_sr.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/22035\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0172\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0362\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.webdav.org/cadaver/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mailman.webdav.org/pipermail/neon/2007-January/002362.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/39247\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23984\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_02_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/22035\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0362\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.webdav.org/cadaver/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable.  This issue does not affect the older versions of neon as shipped with Red Hat Enterprise Linux 2.1, 3, and 4.  This issue also does not affect the older versions of neon included in the cadaver package.\",\"lastModified\":\"2007-01-15T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.