ID CVE-2004-0398
Summary Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
Vulnerable Configurations
  • cpe:2.3:a:webdav:cadaver:*:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.24.0:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.24.1:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.24.2:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.24.3:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.24.4:*:*:*:*:*:*:*
  • cpe:2.3:a:webdav:neon:0.24.5:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 09-10-2020 - 17:06)
CWE CWE-787
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2004:191
refmap via4
bid 10385
bugtraq
  • 20040519 Advisory 06/2004: libneon date parsing vulnerability
  • 20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)
ciac O-148
conectiva CLA-2004:841
debian
  • DSA-506
  • DSA-507
fedora FEDORA-2004-1552
fulldisc 20040519 Advisory 06/2004: libneon date parsing vulnerability
gentoo
  • GLSA-200405-13
  • GLSA-200405-15
mandrake MDKSA-2004:049
osvdb 6302
secunia
  • 11638
  • 11650
  • 11673
xf neon-library-nerfc1036parse-bo(16192)
Last major update 09-10-2020 - 17:06
Published 07-07-2004 - 04:00
Last modified 09-10-2020 - 17:06