Gentoo: 200405-15 Normal: Cadaver Heap-Based Buffer Overflow Exploit Risk
gentoo
May 20, 2004
There is a heap-based buffer overflow vulnerability in the neon library used in cadaver, possibly leading to execution of arbitrary code when connected to a malicious server
Summary
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200405-15
https://security.gentoo.org/
Severity: Normal
Title: cadaver heap-based buffer overflow
Date: May 20, 2004
Bugs: #51461
ID: 200405-15
Synopsis
=======
There is a heap-based buffer overflow vulnerability in the neon library
used in cadaver, possibly leading to execution of arbitrary code when
connected to a malicious server.
Background
=========
cadaver is a command-line WebDAV client.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/cadaver <= 0.22.1 >= 0.22.2
==========
Stefan Esser discovered a vulnerability in the code of the neon library
(see GLSA 200405-13). This library is also include...Read the Full Advisory
Topics Covered
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Topics Covered
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!