Vulnerabilities > CVE-2004-0398 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
webdav
debian
CWE-787
nessus
NVD
Published: 2004-07-07
Updated: 2024-11-20

Summary

Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.

Vulnerable Configurations

Part Description Count
Application
Webdav
8
OS
Debian
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_NEON_0245_1.NASL
    descriptionThe following package needs to be updated: neon
    last seen2016-09-26
    modified2004-07-06
    plugin id12586
    published2004-07-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=12586
    titleFreeBSD : neon date parsing vulnerability (128)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-130.NASL
    descriptionStefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using a neon-based application which uses the date parsing routines, such as cadaver. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0398 to this issue. This update includes packages with a patch for this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id13705
    published2004-07-23
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13705
    titleFedora Core 2 : neon-0.24.5-2.2 (2004-130)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200405-15.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200405-15 (cadaver heap-based buffer overflow) Stefan Esser discovered a vulnerability in the code of the neon library (see GLSA 200405-13). This library is also included in cadaver. Impact : When connected to a malicious WebDAV server, this vulnerability could allow remote execution of arbitrary code with the rights of the user running cadaver. Workaround : There is no known workaround at this time. All users are advised to upgrade to the latest available version of cadaver.
    last seen2020-06-01
    modified2020-06-02
    plugin id14501
    published2004-08-30
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/14501
    titleGLSA-200405-15 : cadaver heap-based buffer overflow
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-191.NASL
    descriptionAn updated cadaver package is now available that fixes a vulnerability in neon which could be exploitable by a malicious DAV server. cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library. Stefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using cadaver. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0398 to this issue. Users of cadaver are advised to upgrade to this updated package, which contains a patch correcting this issue. This issue does not affect Red Hat Enterprise Linux 3.
    last seen2020-06-01
    modified2020-06-02
    plugin id12496
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12496
    titleRHEL 2.1 : cadaver (RHSA-2004:191)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-049.NASL
    descriptionIt was discovered that in portions of neon, sscanf() is used in an unsafe manner. This will result in an overflow of a static heap variable. The updated packages provide a patched libneon to correct these problems.
    last seen2020-06-01
    modified2020-06-02
    plugin id14148
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14148
    titleMandrake Linux Security Advisory : libneon (MDKSA-2004:049)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200405-13.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200405-13 (neon heap-based buffer overflow) Stefan Esser discovered a vulnerability in the code of the neon library : if a malicious date string is passed to the ne_rfc1036_parse() function, it can trigger a string overflow into static heap variables. Impact : Depending on the application linked against libneon and when connected to a malicious WebDAV server, this vulnerability could allow execution of arbitrary code with the rights of the user running that application. Workaround : There is no known workaround at this time. All users are advised to upgrade to the latest available version of neon.
    last seen2020-06-01
    modified2020-06-02
    plugin id14499
    published2004-08-30
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14499
    titleGLSA-200405-13 : neon heap-based buffer overflow
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-129.NASL
    descriptionStefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using a neon-based application which uses the date parsing routines, such as cadaver. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0398 to this issue. This update includes packages with a patch for this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id13704
    published2004-07-23
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13704
    titleFedora Core 1 : neon-0.24.5-2.1 (2004-129)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-078.NASL
    descriptionThe OpenOffice.org office suite contains an internal libneon library which allows it to connect to WebDAV servers. This internal library is subject to the same vulnerabilities that were fixed in libneon recently. These updated packages contain fixes to libneon to correct the several format string vulnerabilities in it, as well as a heap-based buffer overflow vulnerability.
    last seen2020-06-01
    modified2020-06-02
    plugin id14176
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14176
    titleMandrake Linux Security Advisory : OpenOffice.org (MDKSA-2004:078)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-507.NASL
    descriptionStefan Esser discovered a problem in neon, an HTTP and WebDAV client library, which is also present in cadaver, a command-line client for WebDAV server. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable.
    last seen2020-06-01
    modified2020-06-02
    plugin id15344
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15344
    titleDebian DSA-507-1 : cadaver - buffer overflow
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-506.NASL
    descriptionStefan Esser discovered a problem in neon, an HTTP and WebDAV client library. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable.
    last seen2020-06-01
    modified2020-06-02
    plugin id15343
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15343
    titleDebian DSA-506-1 : neon - buffer overflow
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_8D075001A9CE11D89C6D0020ED76EF5A.NASL
    descriptionStefan Esser reports : A vulnerability within a libneon date parsing function could cause a heap overflow which could lead to remote code execution, depending on the application using libneon. The vulnerability is in the function ne_rfc1036_parse, which is in turn used by the function ne_httpdate_parse. Applications using either of these neon functions may be vulnerable.
    last seen2020-06-01
    modified2020-06-02
    plugin id38015
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38015
    titleFreeBSD : neon date parsing vulnerability (8d075001-a9ce-11d8-9c6d-0020ed76ef5a)

Redhat

advisories
rhsa
idRHSA-2004:191

References