CVE-2004-0179

Webdav Neon < 0.24.5 - Format String Vulnerability

Title source: rule

Description

Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Thomas Wana · textdoslinux

https://www.exploit-db.com/exploits/23999

View Code ZIP pw:eip

References (19)

Core 19

Core References

Broken Link vdb-entry x_refsource_osvdb

http://www.osvdb.org/5365

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10136

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200405-04.xml

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-157.html

Issue Tracking, Third Party Advisory mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=108213873203477&w=2

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200405-01.xml

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-160.html

Third Party Advisory vendor-advisory x_refsource_mandrake

http://www.mandriva.com/security/advisories?name=MDKSA-2004:032

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2004/dsa-487

Third Party Advisory vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065

Third Party Advisory vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913

Broken Link vendor-advisory x_refsource_suse

http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html

Broken Link vendor-advisory x_refsource_sgi

ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-158.html

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-159.html

Issue Tracking, Third Party Advisory mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=108214147022626&w=2

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/11363

Broken Link vendor-advisory x_refsource_suse

http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html

Broken Link vendor-advisory x_refsource_fedora

https://bugzilla.fedora.us/show_bug.cgi?id=1552

Scores

EPSS 0.0814

EPSS Percentile 92.2%

Details

CWE

CWE-134

Status published

Products (2)

debian/debian_linux 3.0

webdav/neon 0.19.0 - 0.24.5

Published Jun 01, 2004

Tracked Since Feb 18, 2026