ID CESA-2009:1452 Type centos Reporter CentOS Project Modified 2009-10-30T15:43:55
Description
CentOS Errata and Security Advisory CESA-2009:1452
neon is an HTTP and WebDAV client library, with a C interface. It provides
a high-level interface to HTTP and WebDAV methods along with a low-level
interface for HTTP request handling. neon supports persistent connections,
proxy servers, basic, digest and Kerberos authentication, and has complete
SSL support.
It was discovered that neon is affected by the previously published "null
prefix attack", caused by incorrect handling of NULL characters in X.509
certificates. If an attacker is able to get a carefully-crafted certificate
signed by a trusted Certificate Authority, the attacker could use the
certificate during a man-in-the-middle attack and potentially confuse an
application using the neon library into accepting it by mistake.
(CVE-2009-2474)
A denial of service flaw was found in the neon Extensible Markup Language
(XML) parser. A remote attacker (malicious DAV server) could provide a
specially-crafted XML document that would cause excessive memory and CPU
consumption if an application using the neon XML parser was tricked into
processing it. (CVE-2009-2473)
All neon users should upgrade to these updated packages, which contain
backported patches to correct these issues. Applications using the neon
HTTP and WebDAV client library, such as cadaver, must be restarted for this
update to take effect.
Merged security bulletin from advisories:
http://lists.centos.org/pipermail/centos-announce/2009-October/016252.html
http://lists.centos.org/pipermail/centos-announce/2009-October/016253.html
http://lists.centos.org/pipermail/centos-announce/2009-September/016167.html
http://lists.centos.org/pipermail/centos-announce/2009-September/016168.html
Affected packages:
neon
neon-devel
Upstream details at:
https://rhn.redhat.com/errata/RHSA-2009-1452.html
{"href": "http://lists.centos.org/pipermail/centos-announce/2009-September/016167.html", "history": [{"lastseen": "2017-10-03T18:25:11", "differentElements": ["references", "affectedPackage", "description", "published", "href"], "edition": 1, "bulletin": {"cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-September/016167.html", "objectVersion": "1.3", "viewCount": 0, "id": "CESA-2009:1452", "history": [], "modified": "2009-10-30T15:43:55", "edition": 1, "published": "2009-09-22T14:46:23", "description": "**CentOS Errata and Security Advisory** CESA-2009:1452\n\n\nneon is an HTTP and WebDAV client library, with a C interface. It provides\na high-level interface to HTTP and WebDAV methods along with a low-level\ninterface for HTTP request handling. neon supports persistent connections,\nproxy servers, basic, digest and Kerberos authentication, and has complete\nSSL support.\n\nIt was discovered that neon is affected by the previously published \"null\nprefix attack\", caused by incorrect handling of NULL characters in X.509\ncertificates. If an attacker is able to get a carefully-crafted certificate\nsigned by a trusted Certificate Authority, the attacker could use the\ncertificate during a man-in-the-middle attack and potentially confuse an\napplication using the neon library into accepting it by mistake.\n(CVE-2009-2474)\n\nA denial of service flaw was found in the neon Extensible Markup Language\n(XML) parser. A remote attacker (malicious DAV server) could provide a\nspecially-crafted XML document that would cause excessive memory and CPU\nconsumption if an application using the neon XML parser was tricked into\nprocessing it. (CVE-2009-2473)\n\nAll neon users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the neon\nHTTP and WebDAV client library, such as cadaver, must be restarted for this\nupdate to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016252.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016253.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/016167.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/016168.html\n\n**Affected packages:**\nneon\nneon-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2009-1452.html", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "title": "neon security update", "lastseen": "2017-10-03T18:25:11", "affectedPackage": [{"arch": "x86_64", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.x86_64.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "x86_64", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.x86_64.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "x86_64", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.x86_64.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.src.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.src.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.i386.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.i386.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "x86_64", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.24.7-4.el4_8.2.x86_64.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.src.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.src.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.24.7-4.el4_8.2.i386.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}], "type": "centos", "enchantments": {"score": {"modified": "2017-10-03T18:25:11", "value": 2.6}}, "reporter": "CentOS Project", "hashmap": [{"key": "description", "hash": "d1b0e8bc739e2fb31125e99658f8bb2c"}, {"key": "affectedPackage", "hash": "3837bdb7ea3b078360e1ce17b9e5fb5a"}, {"key": "href", "hash": "c87e9e834573a607bb659db6d1bb210c"}, {"key": "cvelist", "hash": "3fd07612452189326473ed41c7ac7233"}, {"key": "reporter", "hash": "9855627921475e40e00f92d60af14cb3"}, {"key": "references", "hash": "c16865428364b112c5b7833530925d68"}, {"key": "modified", "hash": "b2e009d03f795ff24a22fb2858c4cc87"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "type", "hash": "cdc872db616ac66adb3166c75e9ad183"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "title", "hash": "daebf7540f0ca99ad2c73a96de1ddc86"}, {"key": "published", "hash": "5a29862f2f16928d5a033b4a4a3278f5"}], "hash": "ec9b597417b17d7c3bbc00b5ed19aa1807f43ae2fc9047821ee6d2c236947a9a", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1452.html", "http://rhn.redhat.com/errata/RHSA-2009-1452.html"]}}, {"lastseen": "2018-03-09T09:41:54", "differentElements": ["references", "affectedPackage", "description", "published", "href"], "edition": 2, "bulletin": {"cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016252.html", "objectVersion": "1.3", "viewCount": 0, "id": "CESA-2009:1452", "history": [], "modified": "2009-10-30T15:43:55", "edition": 2, "published": "2009-10-30T15:43:55", "description": "**CentOS Errata and Security Advisory** CESA-2009:1452\n\n\nneon is an HTTP and WebDAV client library, with a C interface. It provides\na high-level interface to HTTP and WebDAV methods along with a low-level\ninterface for HTTP request handling. neon supports persistent connections,\nproxy servers, basic, digest and Kerberos authentication, and has complete\nSSL support.\n\nIt was discovered that neon is affected by the previously published \"null\nprefix attack\", caused by incorrect handling of NULL characters in X.509\ncertificates. If an attacker is able to get a carefully-crafted certificate\nsigned by a trusted Certificate Authority, the attacker could use the\ncertificate during a man-in-the-middle attack and potentially confuse an\napplication using the neon library into accepting it by mistake.\n(CVE-2009-2474)\n\nA denial of service flaw was found in the neon Extensible Markup Language\n(XML) parser. A remote attacker (malicious DAV server) could provide a\nspecially-crafted XML document that would cause excessive memory and CPU\nconsumption if an application using the neon XML parser was tricked into\nprocessing it. (CVE-2009-2473)\n\nAll neon users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the neon\nHTTP and WebDAV client library, such as cadaver, must be restarted for this\nupdate to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016252.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016253.html\n\n**Affected packages:**\nneon\nneon-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1452.html", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "title": "neon security update", "lastseen": "2018-03-09T09:41:54", "affectedPackage": [{"arch": "x86_64", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.x86_64.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "x86_64", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.x86_64.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.src.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.src.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}], "type": "centos", "enchantments": {"score": {"modified": "2018-03-09T09:41:54", "value": 2.6}}, "reporter": "CentOS Project", "hashmap": [{"key": "href", "hash": "522e01a411fe9a2768ef8f6b1fba0326"}, {"key": "cvelist", "hash": "3fd07612452189326473ed41c7ac7233"}, {"key": "published", "hash": "b2e009d03f795ff24a22fb2858c4cc87"}, {"key": "affectedPackage", "hash": "6900296188c2120180b51ec30a02d9de"}, {"key": "reporter", "hash": "9855627921475e40e00f92d60af14cb3"}, {"key": "modified", "hash": "b2e009d03f795ff24a22fb2858c4cc87"}, {"key": "description", "hash": "9df3c613a5de461e55c79b92a3f73b88"}, {"key": "references", "hash": "d57fe1665983fa5247ab5198722f2f9e"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "type", "hash": "cdc872db616ac66adb3166c75e9ad183"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "title", "hash": "daebf7540f0ca99ad2c73a96de1ddc86"}], "hash": "1323c16dd3a778d5540eda60b49f2598f59f462b46b9b8e121aef07841332b60", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1452.html"]}}], "id": "CESA-2009:1452", "reporter": "CentOS Project", "published": "2009-09-22T14:46:23", "description": "**CentOS Errata and Security Advisory** CESA-2009:1452\n\n\nneon is an HTTP and WebDAV client library, with a C interface. It provides\na high-level interface to HTTP and WebDAV methods along with a low-level\ninterface for HTTP request handling. neon supports persistent connections,\nproxy servers, basic, digest and Kerberos authentication, and has complete\nSSL support.\n\nIt was discovered that neon is affected by the previously published \"null\nprefix attack\", caused by incorrect handling of NULL characters in X.509\ncertificates. If an attacker is able to get a carefully-crafted certificate\nsigned by a trusted Certificate Authority, the attacker could use the\ncertificate during a man-in-the-middle attack and potentially confuse an\napplication using the neon library into accepting it by mistake.\n(CVE-2009-2474)\n\nA denial of service flaw was found in the neon Extensible Markup Language\n(XML) parser. A remote attacker (malicious DAV server) could provide a\nspecially-crafted XML document that would cause excessive memory and CPU\nconsumption if an application using the neon XML parser was tricked into\nprocessing it. (CVE-2009-2473)\n\nAll neon users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the neon\nHTTP and WebDAV client library, such as cadaver, must be restarted for this\nupdate to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016252.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016253.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/016167.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/016168.html\n\n**Affected packages:**\nneon\nneon-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2009-1452.html", "title": "neon security update", "affectedPackage": [{"arch": "x86_64", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.x86_64.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "x86_64", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.x86_64.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "x86_64", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.x86_64.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.src.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.src.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.i386.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "i386", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.24.7-4.el4_8.2.i386.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.25.5-10.el5_4.1.i386.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "x86_64", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.24.7-4.el4_8.2.x86_64.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.src.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "any", "packageName": "neon", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-0.25.5-10.el5_4.1.src.rpm", "packageVersion": "0.25.5-10.el5_4.1", "OSVersion": "5"}, {"arch": "i386", "packageName": "neon-devel", "operator": "lt", "OS": "CentOS", "packageFilename": "neon-devel-0.24.7-4.el4_8.2.i386.rpm", "packageVersion": "0.24.7-4.el4_8.2", "OSVersion": "4"}], "bulletinFamily": "unix", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "hash": "ec9b597417b17d7c3bbc00b5ed19aa1807f43ae2fc9047821ee6d2c236947a9a", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1452.html", "http://rhn.redhat.com/errata/RHSA-2009-1452.html"], "edition": 3, "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2018-03-09T11:46:03", "viewCount": 0, "enchantments": {"vulnersScore": 5.0}, "hashmap": [{"key": "affectedPackage", "hash": "3837bdb7ea3b078360e1ce17b9e5fb5a"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "3fd07612452189326473ed41c7ac7233"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "d1b0e8bc739e2fb31125e99658f8bb2c"}, {"key": "href", "hash": "c87e9e834573a607bb659db6d1bb210c"}, {"key": "modified", "hash": "b2e009d03f795ff24a22fb2858c4cc87"}, {"key": "published", "hash": "5a29862f2f16928d5a033b4a4a3278f5"}, {"key": "references", "hash": "c16865428364b112c5b7833530925d68"}, {"key": "reporter", "hash": "9855627921475e40e00f92d60af14cb3"}, {"key": "title", "hash": "daebf7540f0ca99ad2c73a96de1ddc86"}, {"key": "type", "hash": "cdc872db616ac66adb3166c75e9ad183"}], "objectVersion": "1.3", "modified": "2009-10-30T15:43:55"}
{"result": {"cve": [{"id": "CVE-2009-2473", "type": "cve", "title": "CVE-2009-2473", "description": "neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.", "published": "2009-08-21T13:30:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2473", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-09-19T13:36:33"}, {"id": "CVE-2009-2474", "type": "cve", "title": "CVE-2009-2474", "description": "neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "published": "2009-08-21T13:30:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2474", "cvelist": ["CVE-2009-2474"], "lastseen": "2017-09-19T13:36:33"}], "exploitdb": [{"id": "EDB-ID:10206", "type": "exploitdb", "title": "Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability", "description": "Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability. CVE-2009-2473. Dos exploit for linux platform", "published": "2009-11-12T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/10206/", "cvelist": ["CVE-2009-2473"], "lastseen": "2016-02-01T12:01:33"}], "nessus": [{"id": "REDHAT-RHSA-2013-0131.NASL", "type": "nessus", "title": "RHEL 5 : gnome-vfs2 (RHSA-2013:0131)", "description": "Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe gnome-vfs2 packages provide the GNOME Virtual File System, which is the foundation of the Nautilus file manager. neon is an HTTP and WebDAV client library embedded in the gnome-vfs2 packages.\n\nA denial of service flaw was found in the neon Extensible Markup Language (XML) parser. Visiting a malicious DAV server with an application using gnome-vfs2 (such as Nautilus) could possibly cause the application to consume an excessive amount of CPU and memory.\n(CVE-2009-2473)\n\nThis update also fixes the following bugs :\n\n* When extracted from the Uniform Resource Identifier (URI), gnome-vfs2 returned escaped file paths. If a path, as stored in the URI, contained non-ASCII characters or ASCII characters which are parsed as something other than a file path (for example, spaces), the escaped path was inaccurate. Consequently, files with the described type of URI could not be processed. With this update, gnome-vfs2 properly unescapes paths that are required for a system call. As a result, these paths are parsed properly. (BZ#580855)\n\n* In certain cases, the trash info file was populated by foreign entries, pointing to live data. Emptying the trash caused an accidental deletion of valuable data. With this update, a workaround has been applied in order to prevent the deletion. As a result, the accidental data loss is prevented, however further information is still gathered to fully fix this problem. (BZ#586015)\n\n* Due to a wrong test checking for a destination file system, the Nautilus file manager failed to delete a symbolic link to a folder which was residing in another file system. With this update, a special test has been added. As a result, a symbolic link pointing to another file system can be trashed or deleted properly. (BZ#621394)\n\n* Prior to this update, when directories without a read permission were marked for copy, the Nautilus file manager skipped these unreadable directories without notification. With this update, Nautilus displays an error message and properly informs the user about the aforementioned problem. (BZ#772307)\n\n* Previously, gnome-vfs2 used the stat() function calls for every file on the MultiVersion File System (MVFS), used for example by IBM Rational ClearCase. This behavior significantly slowed down file operations. With this update, the unnecessary stat() operations have been limited. As a result, gnome-vfs2 user interfaces, such as Nautilus, are more responsive. (BZ#822817)\n\nAll gnome-vfs2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "published": "2013-01-08T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63412", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-10-29T13:37:57"}, {"id": "CENTOS_RHSA-2013-0131.NASL", "type": "nessus", "title": "CentOS 5 : gnome-vfs2 (CESA-2013:0131)", "description": "Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe gnome-vfs2 packages provide the GNOME Virtual File System, which is the foundation of the Nautilus file manager. neon is an HTTP and WebDAV client library embedded in the gnome-vfs2 packages.\n\nA denial of service flaw was found in the neon Extensible Markup Language (XML) parser. Visiting a malicious DAV server with an application using gnome-vfs2 (such as Nautilus) could possibly cause the application to consume an excessive amount of CPU and memory.\n(CVE-2009-2473)\n\nThis update also fixes the following bugs :\n\n* When extracted from the Uniform Resource Identifier (URI), gnome-vfs2 returned escaped file paths. If a path, as stored in the URI, contained non-ASCII characters or ASCII characters which are parsed as something other than a file path (for example, spaces), the escaped path was inaccurate. Consequently, files with the described type of URI could not be processed. With this update, gnome-vfs2 properly unescapes paths that are required for a system call. As a result, these paths are parsed properly. (BZ#580855)\n\n* In certain cases, the trash info file was populated by foreign entries, pointing to live data. Emptying the trash caused an accidental deletion of valuable data. With this update, a workaround has been applied in order to prevent the deletion. As a result, the accidental data loss is prevented, however further information is still gathered to fully fix this problem. (BZ#586015)\n\n* Due to a wrong test checking for a destination file system, the Nautilus file manager failed to delete a symbolic link to a folder which was residing in another file system. With this update, a special test has been added. As a result, a symbolic link pointing to another file system can be trashed or deleted properly. (BZ#621394)\n\n* Prior to this update, when directories without a read permission were marked for copy, the Nautilus file manager skipped these unreadable directories without notification. With this update, Nautilus displays an error message and properly informs the user about the aforementioned problem. (BZ#772307)\n\n* Previously, gnome-vfs2 used the stat() function calls for every file on the MultiVersion File System (MVFS), used for example by IBM Rational ClearCase. This behavior significantly slowed down file operations. With this update, the unnecessary stat() operations have been limited. As a result, gnome-vfs2 user interfaces, such as Nautilus, are more responsive. (BZ#822817)\n\nAll gnome-vfs2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "published": "2013-01-17T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63576", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-07-03T10:24:21"}, {"id": "ORACLELINUX_ELSA-2013-0131.NASL", "type": "nessus", "title": "Oracle Linux 5 : gnome-vfs2 (ELSA-2013-0131)", "description": "From Red Hat Security Advisory 2013:0131 :\n\nUpdated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe gnome-vfs2 packages provide the GNOME Virtual File System, which is the foundation of the Nautilus file manager. neon is an HTTP and WebDAV client library embedded in the gnome-vfs2 packages.\n\nA denial of service flaw was found in the neon Extensible Markup Language (XML) parser. Visiting a malicious DAV server with an application using gnome-vfs2 (such as Nautilus) could possibly cause the application to consume an excessive amount of CPU and memory.\n(CVE-2009-2473)\n\nThis update also fixes the following bugs :\n\n* When extracted from the Uniform Resource Identifier (URI), gnome-vfs2 returned escaped file paths. If a path, as stored in the URI, contained non-ASCII characters or ASCII characters which are parsed as something other than a file path (for example, spaces), the escaped path was inaccurate. Consequently, files with the described type of URI could not be processed. With this update, gnome-vfs2 properly unescapes paths that are required for a system call. As a result, these paths are parsed properly. (BZ#580855)\n\n* In certain cases, the trash info file was populated by foreign entries, pointing to live data. Emptying the trash caused an accidental deletion of valuable data. With this update, a workaround has been applied in order to prevent the deletion. As a result, the accidental data loss is prevented, however further information is still gathered to fully fix this problem. (BZ#586015)\n\n* Due to a wrong test checking for a destination file system, the Nautilus file manager failed to delete a symbolic link to a folder which was residing in another file system. With this update, a special test has been added. As a result, a symbolic link pointing to another file system can be trashed or deleted properly. (BZ#621394)\n\n* Prior to this update, when directories without a read permission were marked for copy, the Nautilus file manager skipped these unreadable directories without notification. With this update, Nautilus displays an error message and properly informs the user about the aforementioned problem. (BZ#772307)\n\n* Previously, gnome-vfs2 used the stat() function calls for every file on the MultiVersion File System (MVFS), used for example by IBM Rational ClearCase. This behavior significantly slowed down file operations. With this update, the unnecessary stat() operations have been limited. As a result, gnome-vfs2 user interfaces, such as Nautilus, are more responsive. (BZ#822817)\n\nAll gnome-vfs2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68702", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-10-29T13:33:10"}, {"id": "SL_20130108_GNOME_VFS2_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : gnome-vfs2 on SL5.x i386/x86_64", "description": "A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. Visiting a malicious DAV server with an application using gnome-vfs2 (such as Nautilus) could possibly cause the application to consume an excessive amount of CPU and memory.\n(CVE-2009-2473)\n\nThis update also fixes the following bugs :\n\n - When extracted from the Uniform Resource Identifier (URI), gnome-vfs2 returned escaped file paths. If a path, as stored in the URI, contained non- ASCII characters or ASCII characters which are parsed as something other than a file path (for example, spaces), the escaped path was inaccurate. Consequently, files with the described type of URI could not be processed.\n With this update, gnome-vfs2 properly unescapes paths that are required for a system call. As a result, these paths are parsed properly.\n\n - In certain cases, the trash info file was populated by foreign entries, pointing to live data. Emptying the trash caused an accidental deletion of valuable data.\n With this update, a workaround has been applied in order to prevent the deletion. As a result, the accidental data loss is prevented, however further information is still gathered to fully fix this problem.\n\n - Due to a wrong test checking for a destination file system, the Nautilus file manager failed to delete a symbolic link to a folder which was residing in another file system. With this update, a special test has been added. As a result, a symbolic link pointing to another file system can be trashed or deleted properly.\n\n - Prior to this update, when directories without a read permission were marked for copy, the Nautilus file manager skipped these unreadable directories without notification. With this update, Nautilus displays an error message and properly informs the user about the aforementioned problem.\n\n - Previously, gnome-vfs2 used the stat() function calls for every file on the MultiVersion File System (MVFS), used for example by IBM Rational ClearCase. This behavior significantly slowed down file operations. With this update, the unnecessary stat() operations have been limited. As a result, gnome-vfs2 user interfaces, such as Nautilus, are more responsive.", "published": "2013-01-17T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63594", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-10-29T13:44:32"}, {"id": "FEDORA_2009-8794.NASL", "type": "nessus", "title": "Fedora 10 : neon-0.28.6-1.fc10 (2009-8794)", "description": "This update includes the latest release of neon, version 0.28.6. This fixes two security issues: * the 'billion laughs' attack against expat could allow a Denial of Service attack by a malicious server.\n(CVE-2009-2473) * an embedded NUL byte in a certificate subject name could allow an undetected MITM attack against an SSL server if a trusted CA issues such a cert. Several bug fixes are also included, notably: * X.509v1 CA certificates are trusted by default * Fix handling of some PKCS#12 certificates\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-08-24T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=40677", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2017-10-29T13:38:12"}, {"id": "SUSE_11_1_LIBNEON-DEVEL-091012.NASL", "type": "nessus", "title": "openSUSE Security Update : libneon-devel (libneon-devel-1377)", "description": "neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers (CVE-2009-2408).\n\nSpecially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts of CPU and memory (CVE-2009-2473).", "published": "2009-10-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42317", "cvelist": ["CVE-2009-2408", "CVE-2009-2473"], "lastseen": "2017-10-29T13:35:07"}, {"id": "ORACLELINUX_ELSA-2009-1452.NASL", "type": "nessus", "title": "Oracle Linux 4 / 5 : neon (ELSA-2009-1452)", "description": "From Red Hat Security Advisory 2009:1452 :\n\nUpdated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nneon is an HTTP and WebDAV client library, with a C interface. It provides a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support.\n\nIt was discovered that neon is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474)\n\nA denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473)\n\nAll neon users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67927", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2017-10-29T13:41:52"}, {"id": "SUSE_NEON-6549.NASL", "type": "nessus", "title": "SuSE 10 Security Update : neon (ZYPP Patch Number 6549)", "description": "neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers. (CVE-2009-2408)\n\nSpecially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts of CPU and memory. (CVE-2009-2473)", "published": "2010-10-11T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=49905", "cvelist": ["CVE-2009-2408", "CVE-2009-2473"], "lastseen": "2017-10-29T13:42:14"}, {"id": "MANDRIVA_MDVSA-2009-221.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : libneon0.27 (MDVSA-2009:221)", "description": "Multiple vulnerabilities has been found and corrected in libneon0.27 :\n\nneon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564 (CVE-2009-2473).\n\nneon before 0.28.6, when OpenSSL is used, does not properly handle a '�' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2474).\n\nThis update provides a solution to these vulnerabilities.", "published": "2009-08-25T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=40764", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2017-10-29T13:41:27"}, {"id": "SUSE_NEON-6548.NASL", "type": "nessus", "title": "SuSE 10 Security Update : neon (ZYPP Patch Number 6548)", "description": "neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers. (CVE-2009-2408)\n\nSpecially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts of CPU and memory. (CVE-2009-2473)", "published": "2009-10-29T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42303", "cvelist": ["CVE-2009-2408", "CVE-2009-2473"], "lastseen": "2017-10-29T13:44:57"}], "openvas": [{"id": "OPENVAS:1361412562310881571", "type": "openvas", "title": "CentOS Update for gnome-vfs2 CESA-2013:0131 centos5 ", "description": "Check for the Version of gnome-vfs2", "published": "2013-01-21T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881571", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-04-06T11:23:48"}, {"id": "OPENVAS:136141256231064713", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8794 (neon)", "description": "The remote host is missing an update to neon\nannounced via advisory FEDORA-2009-8794.", "published": "2009-09-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064713", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-04-06T11:40:13"}, {"id": "OPENVAS:136141256231064719", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8815 (neon)", "description": "The remote host is missing an update to neon\nannounced via advisory FEDORA-2009-8815.", "published": "2009-09-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064719", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-04-06T11:40:03"}, {"id": "OPENVAS:64719", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8815 (neon)", "description": "The remote host is missing an update to neon\nannounced via advisory FEDORA-2009-8815.", "published": "2009-09-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64719", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-07-25T10:57:01"}, {"id": "OPENVAS:64713", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8794 (neon)", "description": "The remote host is missing an update to neon\nannounced via advisory FEDORA-2009-8794.", "published": "2009-09-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64713", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-07-25T10:57:05"}, {"id": "OPENVAS:870884", "type": "openvas", "title": "RedHat Update for gnome-vfs2 RHSA-2013:0131-01", "description": "Check for the Version of gnome-vfs2", "published": "2013-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870884", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-02-05T11:10:46"}, {"id": "OPENVAS:881571", "type": "openvas", "title": "CentOS Update for gnome-vfs2 CESA-2013:0131 centos5 ", "description": "Check for the Version of gnome-vfs2", "published": "2013-01-21T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881571", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-02-06T13:10:48"}, {"id": "OPENVAS:1361412562310123751", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0131", "description": "Oracle Linux Local Security Checks ELSA-2013-0131", "published": "2015-10-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123751", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-07-24T12:52:56"}, {"id": "OPENVAS:1361412562310870884", "type": "openvas", "title": "RedHat Update for gnome-vfs2 RHSA-2013:0131-01", "description": "Check for the Version of gnome-vfs2", "published": "2013-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870884", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-04-06T11:21:57"}, {"id": "OPENVAS:64986", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1452 (neon)", "description": "The remote host is missing updates to neon announced in\nadvisory CESA-2009:1452.", "published": "2009-09-28T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64986", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2017-07-25T10:56:20"}], "centos": [{"id": "CESA-2013:0131", "type": "centos", "title": "gnome security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:0131\n\n\nThe gnome-vfs2 packages provide the GNOME Virtual File System, which is the\nfoundation of the Nautilus file manager. neon is an HTTP and WebDAV client\nlibrary embedded in the gnome-vfs2 packages.\n\nA denial of service flaw was found in the neon Extensible Markup Language\n(XML) parser. Visiting a malicious DAV server with an application using\ngnome-vfs2 (such as Nautilus) could possibly cause the application to\nconsume an excessive amount of CPU and memory. (CVE-2009-2473)\n\nThis update also fixes the following bugs:\n\n* When extracted from the Uniform Resource Identifier (URI), gnome-vfs2\nreturned escaped file paths. If a path, as stored in the URI,\ncontained non-ASCII characters or ASCII characters which are parsed as\nsomething other than a file path (for example, spaces), the escaped path\nwas inaccurate. Consequently, files with the described type of URI could\nnot be processed. With this update, gnome-vfs2 properly unescapes paths\nthat are required for a system call. As a result, these paths are parsed\nproperly. (BZ#580855)\n\n* In certain cases, the trash info file was populated by foreign\nentries, pointing to live data. Emptying the trash caused an accidental\ndeletion of valuable data. With this update, a workaround has been applied\nin order to prevent the deletion. As a result, the accidental data loss is\nprevented, however further information is still gathered to fully fix this\nproblem. (BZ#586015)\n\n* Due to a wrong test checking for a destination file system, the Nautilus\nfile manager failed to delete a symbolic link to a folder which was\nresiding in another file system. With this update, a special test has been\nadded. As a result, a symbolic link pointing to another file system can be\ntrashed or deleted properly. (BZ#621394)\n\n* Prior to this update, when directories without a read permission were\nmarked for copy, the Nautilus file manager skipped these unreadable\ndirectories without notification. With this update, Nautilus displays an\nerror message and properly informs the user about the aforementioned\nproblem. (BZ#772307)\n\n* Previously, gnome-vfs2 used the stat() function calls for every file on\nthe MultiVersion File System (MVFS), used for example by IBM Rational\nClearCase. This behavior significantly slowed down file operations. With\nthis update, the unnecessary stat() operations have been limited. As a\nresult, gnome-vfs2 user interfaces, such as Nautilus, are more responsive.\n(BZ#822817)\n\nAll gnome-vfs2 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-January/000341.html\n\n**Affected packages:**\ngnome-vfs2\ngnome-vfs2-devel\ngnome-vfs2-smb\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0131.html", "published": "2013-01-11T13:17:57", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-January/000341.html", "cvelist": ["CVE-2009-2473"], "lastseen": "2018-04-04T12:59:58"}], "seebug": [{"id": "SSV:12116", "type": "seebug", "title": "Neon XML\u6587\u6863\u89e3\u6790\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "description": "BUGTRAQ ID: 36080\r\nCVE(CAN) ID: CVE-2009-2473\r\n\r\nneon\u662f\u4e00\u6b3eHTTP\u548cWebDAV\u5ba2\u6237\u7aef\u5e93\u3002\r\n\r\n\u5982\u679c\u4f7f\u7528\u4e86expat\u5e93\uff0cneon\u5728\u5b9e\u4f53\u6269\u5c55\u671f\u95f4\u6ca1\u6709\u6b63\u786e\u7684\u68c0\u6d4b\u9012\u5f52\u3002\u5f53\u5ba2\u6237\u7aef\u5e94\u7528\u8bbf\u95ee\u6076\u610f\u7684DAV\u670d\u52a1\u5668\u6216\u4f7f\u7528XML\u89e3\u6790\u63a5\u53e3\uff08ne_xml*\uff09\u89e3\u6790XML\u6587\u6863\u7684\u65f6\u5019\uff0c\u5305\u542b\u6709\u5927\u91cf\u5d4c\u5957\u5b9e\u4f53\u5f15\u7528\u7684\u7279\u5236XML\u6587\u6863\u5c31\u53ef\u80fd\u8017\u5c3d\u5927\u91cf\u5185\u5b58\u548cCPU\u8d44\u6e90\u3002\r\n\n\nNeon Client Library < 0.28.6\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nNeon\r\n----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html", "published": "2009-08-26T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-12116", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-11-19T18:38:40"}], "redhat": [{"id": "RHSA-2013:0131", "type": "redhat", "title": "(RHSA-2013:0131) Low: gnome-vfs2 security and bug fix update", "description": "The gnome-vfs2 packages provide the GNOME Virtual File System, which is the\nfoundation of the Nautilus file manager. neon is an HTTP and WebDAV client\nlibrary embedded in the gnome-vfs2 packages.\n\nA denial of service flaw was found in the neon Extensible Markup Language\n(XML) parser. Visiting a malicious DAV server with an application using\ngnome-vfs2 (such as Nautilus) could possibly cause the application to\nconsume an excessive amount of CPU and memory. (CVE-2009-2473)\n\nThis update also fixes the following bugs:\n\n* When extracted from the Uniform Resource Identifier (URI), gnome-vfs2\nreturned escaped file paths. If a path, as stored in the URI,\ncontained non-ASCII characters or ASCII characters which are parsed as\nsomething other than a file path (for example, spaces), the escaped path\nwas inaccurate. Consequently, files with the described type of URI could\nnot be processed. With this update, gnome-vfs2 properly unescapes paths\nthat are required for a system call. As a result, these paths are parsed\nproperly. (BZ#580855)\n\n* In certain cases, the trash info file was populated by foreign\nentries, pointing to live data. Emptying the trash caused an accidental\ndeletion of valuable data. With this update, a workaround has been applied\nin order to prevent the deletion. As a result, the accidental data loss is\nprevented, however further information is still gathered to fully fix this\nproblem. (BZ#586015)\n\n* Due to a wrong test checking for a destination file system, the Nautilus\nfile manager failed to delete a symbolic link to a folder which was\nresiding in another file system. With this update, a special test has been\nadded. As a result, a symbolic link pointing to another file system can be\ntrashed or deleted properly. (BZ#621394)\n\n* Prior to this update, when directories without a read permission were\nmarked for copy, the Nautilus file manager skipped these unreadable\ndirectories without notification. With this update, Nautilus displays an\nerror message and properly informs the user about the aforementioned\nproblem. (BZ#772307)\n\n* Previously, gnome-vfs2 used the stat() function calls for every file on\nthe MultiVersion File System (MVFS), used for example by IBM Rational\nClearCase. This behavior significantly slowed down file operations. With\nthis update, the unnecessary stat() operations have been limited. As a\nresult, gnome-vfs2 user interfaces, such as Nautilus, are more responsive.\n(BZ#822817)\n\nAll gnome-vfs2 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n", "published": "2013-01-08T05:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:0131", "cvelist": ["CVE-2009-2473"], "lastseen": "2017-09-09T07:20:10"}, {"id": "RHSA-2009:1452", "type": "redhat", "title": "(RHSA-2009:1452) Moderate: neon security update", "description": "neon is an HTTP and WebDAV client library, with a C interface. It provides\na high-level interface to HTTP and WebDAV methods along with a low-level\ninterface for HTTP request handling. neon supports persistent connections,\nproxy servers, basic, digest and Kerberos authentication, and has complete\nSSL support.\n\nIt was discovered that neon is affected by the previously published \"null\nprefix attack\", caused by incorrect handling of NULL characters in X.509\ncertificates. If an attacker is able to get a carefully-crafted certificate\nsigned by a trusted Certificate Authority, the attacker could use the\ncertificate during a man-in-the-middle attack and potentially confuse an\napplication using the neon library into accepting it by mistake.\n(CVE-2009-2474)\n\nA denial of service flaw was found in the neon Extensible Markup Language\n(XML) parser. A remote attacker (malicious DAV server) could provide a\nspecially-crafted XML document that would cause excessive memory and CPU\nconsumption if an application using the neon XML parser was tricked into\nprocessing it. (CVE-2009-2473)\n\nAll neon users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the neon\nHTTP and WebDAV client library, such as cadaver, must be restarted for this\nupdate to take effect.", "published": "2009-09-21T04:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1452", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2017-09-09T07:20:08"}], "oraclelinux": [{"id": "ELSA-2013-0131", "type": "oraclelinux", "title": "gnome-vfs2 security and bug fix update", "description": "[2.16.2-10.el5]\r\n- Prevent trash applet crashing (#848822)\r\n \n[2.16.2-9.el5]\r\n- Prevent deleting items linking out of the trash (#586015)\r\n- Do not stat every file on an ClearCase mvfs filesystem (#822817)\r\n- Do not silently skip directory having no read permission during copy (#772307)\r\n- Allow trashing symlink to filesystem root that does not support trashing (#621394)\r\n- CVE-2009-2473 gnome-vfs2 embedded neon: billion laughs DoS attack (#540548)", "published": "2013-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-0131.html", "cvelist": ["CVE-2009-2473"], "lastseen": "2016-09-04T11:15:57"}, {"id": "ELSA-2009-1452", "type": "oraclelinux", "title": "neon security update", "description": "[0.25.5-10.el5_4.1]\n- add security fixes for CVE-2009-2473 CVE-2009-2474 (#521788)", "published": "2009-09-21T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-1452.html", "cvelist": ["CVE-2009-2473", "CVE-2009-2474"], "lastseen": "2016-09-04T11:17:14"}], "ubuntu": [{"id": "USN-835-1", "type": "ubuntu", "title": "neon vulnerabilities", "description": "Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.", "published": "2009-09-21T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/835-1/", "cvelist": ["CVE-2009-2474", "CVE-2008-3746"], "lastseen": "2018-03-29T18:20:02"}]}}
