CVE-2007-0157 - Vulnerability Details - OpenCVE

Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Neon	Neon

Configuration 1 [-]

OR	cpe:2.3:a:neon:neon:0.26.0:::::::*
	cpe:2.3:a:neon:neon:0.26.1:::::::*
	cpe:2.3:a:neon:neon:0.26.2:::::::*

No data.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723
http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html
http://mailman.webdav.org/pipermail/neon/2007-January/002362.html
http://osvdb.org/39247
http://secunia.com/advisories/23751
http://secunia.com/advisories/23763
http://secunia.com/advisories/23984
http://www.mandriva.com/security/advisories?name=MDKSA-2007:013
http://www.novell.com/linux/security/advisories/2007_02_sr.html
http://www.securityfocus.com/bid/22035
http://www.vupen.com/english/advisories/2007/0172
http://www.vupen.com/english/advisories/2007/0362
http://www.webdav.org/cadaver/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-09T21:00:00

Updated: 2024-08-07T12:12:16.464Z

Reserved: 2007-01-09T00:00:00

Link: CVE-2007-0157

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-01-09T21:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-0157

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-07T00:00:00", "descriptions": [{"lang": "en", "value": "Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-01-19T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23984", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23984"}, {"name": "[neon] 20070107 invalid chars cause sigserv in neon", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.webdav.org/cadaver/"}, {"name": "[cadaver] 20070123 release 0.22.5", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"}, {"name": "MDKSA-2007:013", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"}, {"name": "SUSE-SR:2007:002", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"}, {"name": "22035", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22035"}, {"name": "ADV-2007-0172", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0172"}, {"name": "23763", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23763"}, {"name": "ADV-2007-0362", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0362"}, {"name": "23751", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23751"}, {"name": "39247", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/39247"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2007-0157", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23984", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23984"}, {"name": "[neon] 20070107 invalid chars cause sigserv in neon", "refsource": "MLIST", "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723;msg=5;att=2", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723;msg=5;att=2"}, {"name": "http://www.webdav.org/cadaver/", "refsource": "CONFIRM", "url": "http://www.webdav.org/cadaver/"}, {"name": "[cadaver] 20070123 release 0.22.5", "refsource": "MLIST", "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"}, {"name": "MDKSA-2007:013", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"}, {"name": "SUSE-SR:2007:002", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"}, {"name": "22035", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22035"}, {"name": "ADV-2007-0172", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0172"}, {"name": "23763", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23763"}, {"name": "ADV-2007-0362", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0362"}, {"name": "23751", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23751"}, {"name": "39247", "refsource": "OSVDB", "url": "http://osvdb.org/39247"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:12:16.464Z"}, "title": "CVE Program Container", "references": [{"name": "23984", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23984"}, {"name": "[neon] 20070107 invalid chars cause sigserv in neon", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.webdav.org/cadaver/"}, {"name": "[cadaver] 20070123 release 0.22.5", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"}, {"name": "MDKSA-2007:013", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"}, {"name": "SUSE-SR:2007:002", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"}, {"name": "22035", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22035"}, {"name": "ADV-2007-0172", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0172"}, {"name": "23763", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23763"}, {"name": "ADV-2007-0362", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0362"}, {"name": "23751", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23751"}, {"name": "39247", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/39247"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0157", "datePublished": "2007-01-09T21:00:00", "dateReserved": "2007-01-09T00:00:00", "dateUpdated": "2024-08-07T12:12:16.464Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:neon:neon:0.26.0:*:*:*:*:*:*:*", "matchCriteriaId": "6CA5EF13-02E0-414E-8076-9E8CF8791C61", "vulnerable": true}, {"criteria": "cpe:2.3:a:neon:neon:0.26.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2538986-65F3-4E52-BD74-E31728B14A45", "vulnerable": true}, {"criteria": "cpe:2.3:a:neon:neon:0.26.2:*:*:*:*:*:*:*", "matchCriteriaId": "D48115F0-4B06-4C4C-8969-7F0518C46257", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index."}, {"lang": "es", "value": "Error de \u00edndice de array en la funci\u00f3n uri_lookup del int\u00e9rprete de URI para neon 0.26.0 hasta 0.26.2, posiblemente s\u00f3lo en plataformas de 54 bits, permite a servidores remotos maliciosos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un URI con caracteres no-ASCII, lo que dispara una lectura de b\u00fafer por debajo del l\u00edmite inferior debido a un error de conversi\u00f3n de tipos que genera un \u00edndice negativo."}], "id": "CVE-2007-0157", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-01-09T21:28:00.000", "references": [{"source": "[email protected]", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2"}, {"source": "[email protected]", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"}, {"source": "[email protected]", "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"}, {"source": "[email protected]", "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"}, {"source": "[email protected]", "url": "http://osvdb.org/39247"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/23751"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/23763"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/23984"}, {"source": "[email protected]", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"}, {"source": "[email protected]", "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/22035"}, {"source": "[email protected]", "url": "http://www.vupen.com/english/advisories/2007/0172"}, {"source": "[email protected]", "url": "http://www.vupen.com/english/advisories/2007/0362"}, {"source": "[email protected]", "url": "http://www.webdav.org/cadaver/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723%3Bmsg=5%3Batt=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://mailman.webdav.org/pipermail/neon/2007-January/002362.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/39247"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23751"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23763"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:013"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_02_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/22035"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0172"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0362"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.webdav.org/cadaver/"}], "sourceIdentifier": "[email protected]", "vendorComments": [{"comment": "Not vulnerable. This issue does not affect the older versions of neon as shipped with Red Hat Enterprise Linux 2.1, 3, and 4. This issue also does not affect the older versions of neon included in the cadaver package.", "lastModified": "2007-01-15T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}