Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

Gentoo GLSA-200405-13 Normal: Neon Heap-Based Buffer Overflow

gentoo
Calendar Grey May 20, 2004
Scroller Gentoo Esm H88
An important security flaw in the neon framework permits unauthorized remote execution of custom code on Gentoo operating systems.
A vulnerability potentially allowing remote execution of arbitrary code has been discovered in the neon library.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200405-13
                                            https://security.gentoo.org/

Severity: Normal Title: neon heap-based buffer overflow Date: May 20, 2004 Bugs: #51490 ID: 200405-13

Synopsis ======= A vulnerability potentially allowing remote execution of arbitrary code has been discovered in the neon library.
Background ========= neon provides an HTTP and WebDAV client library.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/neon <= 0.24.5 >= 0.24.6
========== Stefan Esser discovered a vulnerability in the code of the neon library : if a malicious date string is passed to the ne_rfc1036_parse() function, it can trigger a string overflow in...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround