OPENSUSE-SU-2024:11080-1 libneon-devel-0.31.2-2.6 on GA media

These are all security issues fixed in the libneon-devel-0.31.2-2.6 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10496-1 libneon-devel-0.30.1-1.11 on GA media

These are all security issues fixed in the libneon-devel-0.30.1-1.11 package on the GA media of openSUSE Tumbleweed...

Mageia: Security Advisory (MGASA-2021-0471)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libneon-dev package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

libneon library / svn buffer overflow

Buffer overflow in NTLM authorization implementation...

Mandriva Security Advisory MDVSA-2009:315 (libneon)

The remote host is missing an update to libneon announced via advisory MDVSA-2009:315. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandriva Security Advisory MDVSA-2009:315 (libneon)

The remote host is missing an update to libneon announced via advisory MDVSA-2009:315. OpenVAS Vulnerability Test $Id: mdksa2009315.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:315 libneon Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandriva Linux Security Advisory : libneon (MDVSA-2009:315)

A vulnerability has been found and corrected in libneo : neon before 0.28.6, when OpenSSL is used, does not properly handle a '' NUL character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers vi...

SLES11: Security update for libneon

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libneon27 neon More details may also be found by searching for the SuSE Enterprise Server 11 patch database located at http://download.novell.com/patch/finde...

openSUSE 10 Security Update : libneon-devel (libneon-devel-6550)

neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers CVE-2009-2408. Specially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts ...

openSUSE Security Update : libneon-devel (libneon-devel-1377)

neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers CVE-2009-2408. Specially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts ...

SuSE 11 Security Update : libneon (SAT Patch Number 1376)

neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers. CVE-2009-2408 Specially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts ...

Mandrake Security Advisory MDVSA-2009:228 (libneon)

The remote host is missing an update to libneon announced via advisory MDVSA-2009:228. OpenVAS Vulnerability Test $Id: mdksa2009228.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:228 libneon Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:228 (libneon)

The remote host is missing an update to libneon announced via advisory MDVSA-2009:228. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

libneon certificate spoofing

Invalid NULL character processing in CN field...

FreeBSD : neon date parsing vulnerability (8d075001-a9ce-11d8-9c6d-0020ed76ef5a)

Stefan Esser reports : A vulnerability within a libneon date parsing function could cause a heap overflow which could lead to remote code execution, depending on the application using libneon. The vulnerability is in the function nerfc1036parse, which is in turn used by the function...

Gentoo Security Advisory GLSA 200405-01 (neon)

The remote host is missing updates announced in advisory GLSA 200405-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200405-01 (neon)

The remote host is missing updates announced in advisory GLSA 200405-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 487-1 (neon)

The remote host is missing an update to neon announced via advisory DSA 487-1. OpenVAS Vulnerability Test $Id: deb4871.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 487-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 487-1 (neon)

The remote host is missing an update to neon announced via advisory DSA 487-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...