16 matches found
FreeBSD : neon date parsing vulnerability (8d075001-a9ce-11d8-9c6d-0020ed76ef5a)
Stefan Esser reports : A vulnerability within a libneon date parsing function could cause a heap overflow which could lead to remote code execution, depending on the application using libneon. The vulnerability is in the function nerfc1036parse, which is in turn used by the function...
Gentoo Security Advisory GLSA 200405-13 (neon)
The remote host is missing updates announced in advisory GLSA 200405-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200405-15 (cadaver)
The remote host is missing updates announced in advisory GLSA 200405-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200405-13 (neon)
The remote host is missing updates announced in advisory GLSA 200405-13. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200405-25 (tla)
The remote host is missing updates announced in advisory GLSA 200405-25. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: neon
The remote host is missing an update to the system as announced in the referenced advisory. VID 8d075001-a9ce-11d8-9c6d-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian DSA-506-1 : neon - buffer overflow
Stefan Esser discovered a problem in neon, an HTTP and WebDAV client library. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
Mandrake Linux Security Advisory : libneon (MDKSA-2004:049)
It was discovered that in portions of neon, sscanf is used in an unsafe manner. This will result in an overflow of a static heap variable. The updated packages provide a patched libneon to correct these problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Fedora Core 1 : neon-0.24.5-2.1 (2004-129)
Stefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using a neon-based application which us...
Fedora Core 2 : neon-0.24.5-2.2 (2004-130)
Stefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using a neon-based application which us...
CVE-2004-0398
Heap-based buffer overflow in the nerfc1036parse date parsing function for the neon library libneon 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client...
CVE-2004-0398
Heap-based buffer overflow in the nerfc1036parse date parsing function for the neon library libneon 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client...
CVE-2004-0398
Heap-based buffer overflow in the nerfc1036parse date parsing function for the neon library libneon 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client...
CVE-2004-0398
Heap-based buffer overflow in the nerfc1036parse date parsing function for the neon library libneon 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client...
CVE-2004-0398
CVE-2004-0398 concerns the neon library (libneon) up to version 0.24.5 and cadaver prior to 0.22, where a heap-based overflow occurs in the date parsing function ne_rfc1036_parse. This vulnerability can allow a remote WebDAV server to cause arbitrary code execution on the client. The connected do...
CVE-2004-0398
Heap-based buffer overflow in the nerfc1036parse date parsing function for the neon library libneon 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client...