{"id":"UBUNTU-CVE-2013-7401","details":"The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a \" \" or \"?\" character in an ICAP request, as demonstrated by use of the OPTIONS method.","modified":"2026-01-20T16:54:45.974226Z","published":"2014-12-19T20:59:00Z","upstream":["CVE-2013-7401"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2013-7401"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2014/09/01/10"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2014/09/15"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2013-7401"}],"affected":[{"package":{"name":"c-icap","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/c-icap@1:0.4.2-2?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.3.5-1","1:0.4.2-1","1:0.4.2-2"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.4.2-2","binary_name":"c-icap"},{"binary_version":"1:0.4.2-2","binary_name":"libicapapi-dev"},{"binary_version":"1:0.4.2-2","binary_name":"libicapapi4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7401.json"}},{"package":{"name":"c-icap","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/c-icap@1:0.4.4-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.4.4-1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.4.4-1","binary_name":"c-icap"},{"binary_version":"1:0.4.4-1","binary_name":"libicapapi-dev"},{"binary_version":"1:0.4.4-1","binary_name":"libicapapi4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7401.json"}},{"package":{"name":"c-icap","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/c-icap@1:0.5.3-3?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.5.3-2","1:0.5.3-3"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.5.3-3","binary_name":"c-icap"},{"binary_version":"1:0.5.3-3","binary_name":"libicapapi-dev"},{"binary_version":"1:0.5.3-3","binary_name":"libicapapi5"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7401.json"}},{"package":{"name":"c-icap","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/c-icap@1:0.5.6-2build1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.5.6-2","1:0.5.6-2build1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.5.6-2build1","binary_name":"c-icap"},{"binary_version":"1:0.5.6-2build1","binary_name":"libicapapi-dev"},{"binary_version":"1:0.5.6-2build1","binary_name":"libicapapi5"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7401.json"}},{"package":{"name":"c-icap","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/c-icap@1:0.5.10-6.1build2?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.5.10-5","1:0.5.10-6","1:0.5.10-6.1build1","1:0.5.10-6.1build2"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.5.10-6.1build2","binary_name":"c-icap"},{"binary_version":"1:0.5.10-6.1build2","binary_name":"libicapapi-dev"},{"binary_version":"1:0.5.10-6.1build2","binary_name":"libicapapi5t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7401.json"}},{"package":{"name":"c-icap","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/c-icap@1:0.5.10-7?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.5.10-6.1build2","1:0.5.10-7"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.5.10-7","binary_name":"c-icap"},{"binary_version":"1:0.5.10-7","binary_name":"libicapapi-dev"},{"binary_version":"1:0.5.10-7","binary_name":"libicapapi5t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7401.json"}}],"schema_version":"1.7.3","severity":[{"type":"Ubuntu","score":"medium"}]}