CVE-2004-0398

Description

Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16192

http://www.securityfocus.com/bid/10385

http://www.redhat.com/support/errata/RHSA-2004-191.html

http://www.mandriva.com/security/advisories?name=MDKSA-2004:049

http://www.debian.org/security/2004/dsa-507

http://www.debian.org/security/2004/dsa-506

http://security.gentoo.org/glsa/glsa-200405-15.xml

http://security.gentoo.org/glsa/glsa-200405-13.xml

http://secunia.com/advisories/11673

http://secunia.com/advisories/11650

http://secunia.com/advisories/11638

http://marc.info/?l=bugtraq&m=108500057108022&w=2

http://marc.info/?l=bugtraq&m=108498433632333&w=2

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3