5 matches found
CVE-2009-2473
Technical details for CVE-2009-2473 are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2004-0398
CVE-2004-0398 concerns the neon library (libneon) up to version 0.24.5 and cadaver prior to 0.22, where a heap-based overflow occurs in the date parsing function ne_rfc1036_parse. This vulnerability can allow a remote WebDAV server to cause arbitrary code execution on the client. The connected do...
CVE-2009-2474
CVE-2009-2474 affects neon prior to 0.28.6 when using OpenSSL or GnuTLS. The root cause is improper handling of a '\0' character in the domain name in the X.509 certificate CN field, enabling MITM spoofing of SSL servers via a certificate issued by a legitimate CA. Impact per the entry is partial...
CVE-2008-3746
CVE-2008-3746 - neon vulnerability details (supported by connected docs) Affected software: neon 0.28.0 through 0.28.2. The issue is described across multiple advisories as a denial of service caused by a NULL pointer dereference in the digest authentication code, related to Digest authentication...
CVE-2004-0179
CVE-2004-0179 involves multiple format-string vulnerabilities in neon 0.24.4 and earlier, and in other products that use neon (Cadaver, Subversion, OpenOffice). The underlying issue is format-string bugs in neon’s error reporting code, which could allow a remote attacker—via a malicious WebDAV se...