CVE-2013-7401
- Source
- https://cve.org/CVERecord?id=CVE-2013-7401
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2013-7401.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2013-7401
- Downstream
- Related
- Withdrawn
- 2026-01-27T04:12:21.602410Z
- Published
- 2014-12-19T20:59:00Z
- Modified
- 2026-01-27T04:12:21.602410Z
- Summary
- [none]
- Details
-
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.
- References
-
- http://advisories.mageia.org/MGASA-2014-0530.html
- http://security.gentoo.org/glsa/glsa-201409-07.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:001
- http://osvdb.org/ref/89/c-icap.txt
- http://openwall.com/lists/oss-security/2014/09/15/6
- http://sourceforge.net/p/c-icap/code/1018/
- http://www.osvdb.org/89304