Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3746

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3746
Last Modified 01 Sep 2011 12:00:00
Published 27 Aug 2008 11:21:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3746

Summary

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function.

Vulnerable Systems

Application

  • Webdav Neon 0.28.0

  • Webdav Neon 0.28.1

  • Webdav Neon 0.28.2


References

MLIST - [neon] 20080820 neon: release 0.28.3 (SECURITY)

FEDORA - FEDORA-2008-7661

XF - neon-digestauthentication-dos(44511)

VUPEN - ADV-2008-2420

UBUNTU - USN-835-1

SECTRACK - 1020725

BID - 30710

MLIST - [oss-security] 20080820 Re: CVE request for neon

MLIST - [oss-security] 20080815 CVE request for neon

MANDRIVA - MDVSA-2009:074

SECUNIA - 36799

SECUNIA - 32286

SECUNIA - 31687

SECUNIA - 31508

SUSE - SUSE-SR:2008:017

MLIST - [neon] 20080820 CVE-2008-3746: NULL pointer dereference in Digest domain support

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476571


Last Updated: 27 May 2016 10:48:18