CVE-2004-0398
cadaver < 0.22.0 - Remote Code Execution via ne_rfc1036_parse Date Parsing
Title source: llmDescription
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
References (18)
Core 18
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11638
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11673
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/6302
Broken Link mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11650
Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108500057108022&w=2
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200405-13.xml
Broken Link third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/o-148.shtml
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200405-15.xml
Third Party Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:049
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10385
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-506
Broken Link vendor-advisory
x_refsource_fedora
https://bugzilla.fedora.us/show_bug.cgi?id=1552
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16192
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-507
Broken Link vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000841
Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108498433632333&w=2
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-191.html
Scores
EPSS
0.0502
EPSS Percentile
91.3%
Details
CWE
CWE-787
Status
published
Products (3)
debian/debian_linux
3.0
webdav/cadaver
< 0.22.0
webdav/neon
< 0.24.5
Published
Jul 07, 2004
Tracked Since
Feb 18, 2026