Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for cadaver by webdav

    CVE-2004-0398 (GCVE-0-2004-0398)

    Vulnerability from nvd – Published: 2004-05-20 04:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/11638 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/11673 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/6302 vdb-entryx_refsource_OSVDB
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/11650 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=108500057108022&w=2 mailing-listx_refsource_BUGTRAQ
    http://security.gentoo.org/glsa/glsa-200405-13.xml vendor-advisoryx_refsource_GENTOO
    http://www.ciac.org/ciac/bulletins/o-148.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://security.gentoo.org/glsa/glsa-200405-15.xml vendor-advisoryx_refsource_GENTOO
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/10385 vdb-entryx_refsource_BID
    http://www.debian.org/security/2004/dsa-506 vendor-advisoryx_refsource_DEBIAN
    https://bugzilla.fedora.us/show_bug.cgi?id=1552 vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2004/dsa-507 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://marc.info/?l=bugtraq&m=108498433632333&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2004-191.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2004-05-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "11638",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11638"
              },
              {
                "name": "11673",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11673"
              },
              {
                "name": "6302",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/6302"
              },
              {
                "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
              },
              {
                "name": "11650",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11650"
              },
              {
                "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108500057108022\u0026w=2"
              },
              {
                "name": "GLSA-200405-13",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
              },
              {
                "name": "O-148",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
              },
              {
                "name": "GLSA-200405-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
              },
              {
                "name": "MDKSA-2004:049",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
              },
              {
                "name": "10385",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10385"
              },
              {
                "name": "DSA-506",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-506"
              },
              {
                "name": "FEDORA-2004-1552",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
              },
              {
                "name": "neon-library-nerfc1036parse-bo(16192)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
              },
              {
                "name": "DSA-507",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-507"
              },
              {
                "name": "CLA-2004:841",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000841"
              },
              {
                "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108498433632333\u0026w=2"
              },
              {
                "name": "RHSA-2004:191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "11638",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11638"
            },
            {
              "name": "11673",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11673"
            },
            {
              "name": "6302",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/6302"
            },
            {
              "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
            },
            {
              "name": "11650",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11650"
            },
            {
              "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108500057108022\u0026w=2"
            },
            {
              "name": "GLSA-200405-13",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
            },
            {
              "name": "O-148",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
            },
            {
              "name": "GLSA-200405-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
            },
            {
              "name": "MDKSA-2004:049",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
            },
            {
              "name": "10385",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10385"
            },
            {
              "name": "DSA-506",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-506"
            },
            {
              "name": "FEDORA-2004-1552",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
            },
            {
              "name": "neon-library-nerfc1036parse-bo(16192)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
            },
            {
              "name": "DSA-507",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-507"
            },
            {
              "name": "CLA-2004:841",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000841"
            },
            {
              "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108498433632333\u0026w=2"
            },
            {
              "name": "RHSA-2004:191",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0398",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "11638",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11638"
                },
                {
                  "name": "11673",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11673"
                },
                {
                  "name": "6302",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/6302"
                },
                {
                  "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
                },
                {
                  "name": "11650",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11650"
                },
                {
                  "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108500057108022\u0026w=2"
                },
                {
                  "name": "GLSA-200405-13",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
                },
                {
                  "name": "O-148",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
                },
                {
                  "name": "GLSA-200405-15",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
                },
                {
                  "name": "MDKSA-2004:049",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
                },
                {
                  "name": "10385",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10385"
                },
                {
                  "name": "DSA-506",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-506"
                },
                {
                  "name": "FEDORA-2004-1552",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
                },
                {
                  "name": "neon-library-nerfc1036parse-bo(16192)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
                },
                {
                  "name": "DSA-507",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-507"
                },
                {
                  "name": "CLA-2004:841",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000841"
                },
                {
                  "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108498433632333\u0026w=2"
                },
                {
                  "name": "RHSA-2004:191",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0398",
        "datePublished": "2004-05-20T04:00:00.000Z",
        "dateReserved": "2004-04-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.623Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0398 (GCVE-0-2004-0398)

    Vulnerability from cvelistv5 – Published: 2004-05-20 04:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/11638 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/11673 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/6302 vdb-entryx_refsource_OSVDB
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/11650 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=108500057108022&w=2 mailing-listx_refsource_BUGTRAQ
    http://security.gentoo.org/glsa/glsa-200405-13.xml vendor-advisoryx_refsource_GENTOO
    http://www.ciac.org/ciac/bulletins/o-148.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://security.gentoo.org/glsa/glsa-200405-15.xml vendor-advisoryx_refsource_GENTOO
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/10385 vdb-entryx_refsource_BID
    http://www.debian.org/security/2004/dsa-506 vendor-advisoryx_refsource_DEBIAN
    https://bugzilla.fedora.us/show_bug.cgi?id=1552 vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2004/dsa-507 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://marc.info/?l=bugtraq&m=108498433632333&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2004-191.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2004-05-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "11638",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11638"
              },
              {
                "name": "11673",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11673"
              },
              {
                "name": "6302",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/6302"
              },
              {
                "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
              },
              {
                "name": "11650",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11650"
              },
              {
                "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108500057108022\u0026w=2"
              },
              {
                "name": "GLSA-200405-13",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
              },
              {
                "name": "O-148",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
              },
              {
                "name": "GLSA-200405-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
              },
              {
                "name": "MDKSA-2004:049",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
              },
              {
                "name": "10385",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10385"
              },
              {
                "name": "DSA-506",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-506"
              },
              {
                "name": "FEDORA-2004-1552",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
              },
              {
                "name": "neon-library-nerfc1036parse-bo(16192)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
              },
              {
                "name": "DSA-507",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-507"
              },
              {
                "name": "CLA-2004:841",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000841"
              },
              {
                "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108498433632333\u0026w=2"
              },
              {
                "name": "RHSA-2004:191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "11638",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11638"
            },
            {
              "name": "11673",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11673"
            },
            {
              "name": "6302",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/6302"
            },
            {
              "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
            },
            {
              "name": "11650",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11650"
            },
            {
              "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108500057108022\u0026w=2"
            },
            {
              "name": "GLSA-200405-13",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
            },
            {
              "name": "O-148",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
            },
            {
              "name": "GLSA-200405-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
            },
            {
              "name": "MDKSA-2004:049",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
            },
            {
              "name": "10385",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10385"
            },
            {
              "name": "DSA-506",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-506"
            },
            {
              "name": "FEDORA-2004-1552",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
            },
            {
              "name": "neon-library-nerfc1036parse-bo(16192)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
            },
            {
              "name": "DSA-507",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-507"
            },
            {
              "name": "CLA-2004:841",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000841"
            },
            {
              "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108498433632333\u0026w=2"
            },
            {
              "name": "RHSA-2004:191",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0398",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "11638",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11638"
                },
                {
                  "name": "11673",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11673"
                },
                {
                  "name": "6302",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/6302"
                },
                {
                  "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
                },
                {
                  "name": "11650",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11650"
                },
                {
                  "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108500057108022\u0026w=2"
                },
                {
                  "name": "GLSA-200405-13",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
                },
                {
                  "name": "O-148",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
                },
                {
                  "name": "GLSA-200405-15",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
                },
                {
                  "name": "MDKSA-2004:049",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
                },
                {
                  "name": "10385",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10385"
                },
                {
                  "name": "DSA-506",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-506"
                },
                {
                  "name": "FEDORA-2004-1552",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
                },
                {
                  "name": "neon-library-nerfc1036parse-bo(16192)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
                },
                {
                  "name": "DSA-507",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-507"
                },
                {
                  "name": "CLA-2004:841",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000841"
                },
                {
                  "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108498433632333\u0026w=2"
                },
                {
                  "name": "RHSA-2004:191",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0398",
        "datePublished": "2004-05-20T04:00:00.000Z",
        "dateReserved": "2004-04-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.623Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }