MidnightBSD

Advisories for c-icap_project

CVE-2013-7401 MEDIUM

The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
c-icap_project c-icap 0.2.3
c-icap_project c-icap 0.2.4
c-icap_project c-icap 0.2.2
c-icap_project c-icap 0.2.6
c-icap_project c-icap 0.2.5
c-icap_project c-icap 0.2.1
CVE-2013-7402 MEDIUM

Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
c-icap_project c-icap 0.2.3
c-icap_project c-icap 0.2.4
c-icap_project c-icap 0.2.2
c-icap_project c-icap 0.2.6
c-icap_project c-icap 0.2.5
c-icap_project c-icap 0.2.1