Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0179

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2004-0179
Last Modified 21 Aug 2010 12:19:41
Published 01 Jun 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0179

Summary

Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.

Vulnerable Systems

Application

  • Cadaver Webdav Client 0.20.0

  • Cadaver Webdav Client 0.20.1

  • Cadaver Webdav Client 0.20.2

  • Cadaver Webdav Client 0.20.3

  • Cadaver Webdav Client 0.20.4

  • Cadaver Webdav Client 0.20.5

  • Cadaver Webdav Client 0.21.0

  • Cadaver Webdav Client 0.22.0

  • Cadaver Webdav Client 0.22.1

  • Neon Client Library 0.19.3

  • Neon Client Library 0.23

  • Neon Client Library 0.23.1

  • Neon Client Library 0.23.2

  • Neon Client Library 0.23.3

  • Neon Client Library 0.23.4

  • Neon Client Library 0.23.5

  • Neon Client Library 0.23.6

  • Neon Client Library 0.23.7

  • Neon Client Library 0.23.8

  • Neon Client Library 0.24

  • Neon Client Library 0.24.1

  • Neon Client Library 0.24.2

  • Neon Client Library 0.24.3

  • Neon Client Library 0.24.4

  • Openoffice 1.1.2

  • Subversion


References

FEDORA - FEDORA-2004-1552

REDHAT - RHSA-2004:160

REDHAT - RHSA-2004:159

REDHAT - RHSA-2004:158

REDHAT - RHSA-2004:157

DEBIAN - DSA-487

GENTOO - GLSA-200405-04

GENTOO - GLSA-200405-01

SECUNIA - 11363

SUSE - SuSE-SA:2004:008

SUSE - SuSE-SA:2004:009

SGI - 20040404-01-U

BID - 10136

OSVDB - 5365

MANDRAKE - MDKSA-2004:032

BUGTRAQ - 20040416 void.at - neon format string bugs

BUGTRAQ - 20040416 [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon)


Last Updated: 27 May 2016 10:38:30