Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Gentoo: 200405-15 Normal: Cadaver Heap-Based Buffer Overflow Exploit Risk

gentoo
Calendar Grey May 20, 2004
Dist Gentoo Esm H88
A critical buffer overflow vulnerability in Cadaver could allow unauthorized code execution. Users must update their systems immediately to maintain security
There is a heap-based buffer overflow vulnerability in the neon library used in cadaver, possibly leading to execution of arbitrary code when connected to a malicious server

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200405-15
                                            https://security.gentoo.org/

Severity: Normal Title: cadaver heap-based buffer overflow Date: May 20, 2004 Bugs: #51461 ID: 200405-15

Synopsis ======= There is a heap-based buffer overflow vulnerability in the neon library used in cadaver, possibly leading to execution of arbitrary code when connected to a malicious server.
Background ========= cadaver is a command-line WebDAV client.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/cadaver <= 0.22.1 >= 0.22.2
========== Stefan Esser discovered a vulnerability in the code of the neon library (see GLSA 200405-13). This library is also include...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround