CVE-2007-2415 - OpenCVE

Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a "clean" exit in which "the server I/O loop finishes and the process exits normally."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pi3web	Pi3web Web Server

Configuration 1 [-]

cpe:2.3:a:pi3web:pi3web_web_server:2.0.3_pl1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/25009
http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392
http://www.securityfocus.com/bid/23713
http://www.vupen.com/english/advisories/2007/1579
https://exchange.xforce.ibmcloud.com/vulnerabilities/33967

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-01T10:00:00

Updated: 2024-08-07T13:33:28.725Z

Reserved: 2007-04-30T00:00:00

Link: CVE-2007-2415

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-05-01T10:19:00.000

Modified: 2017-07-29T01:31:26.190

Link: CVE-2007-2415

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-04-30T00:00:00", "descriptions": [{"lang": "en", "value": "Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a \"clean\" exit in which \"the server I/O loop finishes and the process exits normally.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23713", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23713"}, {"name": "pi3web-http-dos(33967)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33967"}, {"name": "ADV-2007-1579", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1579"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392"}, {"name": "25009", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25009"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2415", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a \"clean\" exit in which \"the server I/O loop finishes and the process exits normally.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23713", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23713"}, {"name": "pi3web-http-dos(33967)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33967"}, {"name": "ADV-2007-1579", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1579"}, {"name": "http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392", "refsource": "CONFIRM", "url": "http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392"}, {"name": "25009", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25009"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:33:28.725Z"}, "title": "CVE Program Container", "references": [{"name": "23713", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23713"}, {"name": "pi3web-http-dos(33967)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33967"}, {"name": "ADV-2007-1579", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1579"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392"}, {"name": "25009", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25009"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2415", "datePublished": "2007-05-01T10:00:00", "dateReserved": "2007-04-30T00:00:00", "dateUpdated": "2024-08-07T13:33:28.725Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pi3web:pi3web_web_server:2.0.3_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "9B9DD9D2-0E2A-4CE5-B450-8D1A2527BE83", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a \"clean\" exit in which \"the server I/O loop finishes and the process exits normally.\""}, {"lang": "es", "value": "Pi3Web Web Server versi\u00f3n 2.0.3 PL1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (salida de la aplicaci\u00f3n) por medio de un URI largo. NOTA: este problema se report\u00f3 originalmente como un bloqueo, pero el proveedor declara que el impacto es una salida \"clean\" en la que \"the server I/O loop finishes and the process exits normally\u201d."}], "id": "CVE-2007-2415", "lastModified": "2017-07-29T01:31:26.190", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-01T10:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25009"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23713"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1579"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33967"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}