CVE-2004-0398 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2004-0398
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0398

Description: Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/16192 SAID Secunia Advisory: SA11650 Secunia Advisory: SA11638 Secunia Advisory: SA11673 REDHAT http://www.redhat.com/support/errata/RHSA-2004-191.html OSVDB 6302 MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:049 GENTOO http://security.gentoo.org/glsa/glsa-200405-15.xml http://security.gentoo.org/glsa/glsa-200405-13.xml FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html FEDORA DEBIAN http://www.debian.org/security/2004/dsa-507 http://www.debian.org/security/2004/dsa-506 CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000841 CIAC http://www.ciac.org/ciac/bulletins/o-148.shtml BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=108500057108022&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=108498433632333&w=2 BID 10385

Return to the previous page.