28 matches found
Malicious code in python-module-installer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 61bfa181c5afb9e33e0d529138c813fc05d8130062182d9d1a5cb4ef9c8da0ea The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
EUVD-2008-2630
Malware in sbrugna...
CVE-2003-0438
eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files...
VulnCheck KEV: CVE-2016-0051
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege...
CVE-2016-0051
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege...
PT-2016-1171 · Microsoft · Windows Server 2012 +8
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Microsoft WebDAV client in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511...
Microsoft WebDAV Client Information Disclosure Vulnerability (3076949)
This host is missing an important security update according to Microsoft Bulletin MS15-089. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
RHEL 5 : gnome-vfs2 (RHSA-2013:0131)
Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : neon on SL4.x, SL5.x i386/x86_64
CVE-2009-2473 neon, gnome-vfs2 embedded neon: billion laughs DoS attack CVE-2009-2474 neon: Improper verification of x509v3 certificate with NULL zero byte in certain fields It was discovered that neon is affected by the previously published 'null prefix attack', caused by incorrect handling of...
[SECURITY] Fedora 11 Update: neon-0.28.6-1.fc11
neon is an HTTP and WebDAV client library, with a C interface; providing a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete S...
CVE-2008-2635
CVE-2008-2635 describes multiple directory traversal vulnerabilities in BitKinex 2.9.3 that allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. sequence in responses to LIST (FTP) and PROPFIND (WebDAV). The note indicates this can be leveraged for code execution by...
Debian: Security Advisory (DSA-506)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 325-1 (eldav)
The remote host is missing an update to eldav announced via advisory DSA 325-1. OpenVAS Vulnerability Test $Id: deb3251.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 325-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian DSA-507-1 : cadaver - buffer overflow
Stefan Esser discovered a problem in neon, an HTTP and WebDAV client library, which is also present in cadaver, a command-line client for WebDAV server. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable. %NASLMINLEVEL 70300 ...
Neon < 0.24.7 WebDAV Client Library Unspecified Vulnerability
Binary data 1781.prm...
Neon < 0.24.5 WebDAV Client Library Format String Vulnerabilities (deprecated)
Binary data 1779.prm...
Neon < 0.24.6 WebDAV Client Library ne_rfc1036_parse Function Heap Overflow
Binary data 1780.prm...
RHEL 2.1 : cadaver (RHSA-2004:157)
An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available. cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library. Versions of the neon client library up to and including 0.24.4 have be...
RHEL 2.1 : cadaver (RHSA-2004:191)
An updated cadaver package is now available that fixes a vulnerability in neon which could be exploitable by a malicious DAV server. cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library. Stefan Esser discovered a flaw in the neon library whic...
DSA-487 neon - format string
Bulletin has no description...