CVE-2009-2473 – Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-2473
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. neon, en versiones anteriores a la 0.28.6, cuando se usa expat, no detecta adecuadamente la recursividad en la expansión de una entidad, esto permite a atacantes dependientes del contexto provocar una denegación de servicio (consumo de la memoria y CPU), mediante un documento XML manipulado que contiene un gran número de referencias anidadas a entidades, una cuestión similar a CVE-2003-1564. • https://www.exploit-db.com/exploits/10206 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html http://lists.manyfish.co.uk/pipermail/neon/2009-August/001045.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://rhn.redhat.com/errata/RHSA-2013-0131.html http://secunia.com/advisories/36371 http://support.apple.com/kb/HT4435 http://www.mandriva.com/security • CWE-399: Resource Management Errors •
CVE-2009-2474 – neon: Improper verification of x509v3 certificate with NULL (zero) byte in certain fields
https://notcve.org/view.php?id=CVE-2009-2474
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. neon, en versiones anteriores a la 0.28.6, cuando OpenSSL está habilitado, no maneja adecuadamente un caracter '\0' en un nombre de dominio, en el campo Common Name (CN) del asunto de un certificado X.509, lo cual permite a atacacantes hombre-en-el-medio (man-in-the-middle) suplantar servidores SSL a su elección a través de certificados manipulados expedidos por una Autoridad de Certificación (CA) legítima, una cuestión relacionada con CVE-2009-2408. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html http://lists.manyfish.co.uk/pipermail/neon/2009-August/001046.html http://secunia.com/advisories/36371 http://secunia.com/advisories/36799 http://support.apple.com/kb/HT4435 http://www.mandriva.com/security/advisories?name=MDVSA-2009:221 http://www.securityfocus.com/bid/36079 http://www.ubuntu.com/usn/usn-835-1 http://www.vupen • CWE-326: Inadequate Encryption Strength •
CVE-2008-3746
https://notcve.org/view.php?id=CVE-2008-3746
neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function. neon versiones 0.28.0 hasta 0.28.2, permite a servidores remotos causar una denegación de servicio (desreferencia del puntero NULL y bloqueo de aplicación) por medio de vectores relacionados con la autenticación de Digest, el soporte del parámetro domain de Digest y la función parse_domain. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476571 http://lists.manyfish.co.uk/pipermail/neon/2008-August/000038.html http://lists.manyfish.co.uk/pipermail/neon/2008-August/000040.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31508 http://secunia.com/advisories/31687 http://secunia.com/advisories/32286 http://secunia.com/advisories/36799 http://www.mandriva.com/security/advisories?name=MDVSA-2009:074 http://w •
CVE-2004-0398
https://notcve.org/view.php?id=CVE-2004-0398
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. Desbordamiento de búfer en la función de proceso de de fecha ne_rfc1036_parse de la librería neon (libneon) 0.24.5 y anteriores, usada en cadaver 0.22 permite a servidores WebDAV ejecutar código arbitrario en el cliente. • http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000841 http://marc.info/?l=bugtraq&m=108498433632333&w=2 http://marc.info/?l=bugtraq&m=108500057108022&w=2 http://secunia.com/advisories/11638 http://secunia.com/advisories/11650 http://secunia.com/advisories/11673 http://security.gentoo.org/glsa/glsa-200405-13.xml http://security.gentoo.org/glsa/glsa-200405-15.xml http://www.ciac.org/ci • CWE-787: Out-of-bounds Write •
CVE-2004-0179 – Neon WebDAV Client Library 0.2x - Format String
https://notcve.org/view.php?id=CVE-2004-0179
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. Multiples vulenerabilidades de cadena de formato en (1) neon 0.24.4 y anteriores, y otros productos que usan neon incluyendo (2) Cadaver, (3) Subversion, o (4) OpenOffice, permite a servidores remotos WebDAV maliciosos ejecutar código arbitrario. • https://www.exploit-db.com/exploits/23999 ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html http://marc.info/?l=bugtraq&m=108213873203477&w=2 http://marc.info/?l=bugtraq&m=108214147022626&w=2 http://secunia.com/advisories/11363 http://security.gentoo.org/glsa/glsa-200405-01.xml http://security.gentoo. • CWE-134: Use of Externally-Controlled Format String •