Explore Latest Linux Security advisories


Scientific Linux: Moderate Neon Security Update for DoS and MITM Issues

Moderate: neon security update
Date: Tue, 22 Sep 2009 14:25:14 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: neon on SL4.x, SL5.x i386/x86_64

Synopsis: Moderate: neon security update
Issue date: 2009-09-21
CVE Names: CVE-2009-2473 CVE-2009-2474

CVE-2009-2473 neon, gnome-vfs2 embedded neon: billion laughs DoS attack
CVE-2009-2474 neon: Improper verification of x509v3 certificate with NULL (zero) byte in certain fields

It was discovered that neon is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474)

A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially-crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473)

Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.

SL 4.x
SRPMS: neon-0.24.7-4.el4_8.2.src.rpm
i386: neon-0.24.7-4.el4_8.2.i386.rpm neon-devel-0.24.7-4.el4_8.2.i386.rpm
x86_64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.x86_64.rpm neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

SL 5.x
SRPMS: neon-0.25.5-10.el5_4.1.src.rpm
i386: neon-0.25.5-10.el5_4.1.i386.rpm neon-devel-0.25.5-10.el5_4.1.i386.rpm
x86_64: neon-0.25.5-10.el5_4.1.i386.rpm neon-devel-0.25.5-10.el5_4.1.i386.rpm

-Connie Sieh
-Troy Dawson

A minor security enhancement for neon on Scientific Linux has been released, targeting vulnerabilities related to denial of service and potential man-in-the-middle attacks. Severity: Important. LinuxSecurity.com Team

Sep 22, 2009 | Important | Scientific Linux
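The certificate issue above (CVE-2009-2474) comes down to one mismatch: a DER-encoded subject name carries an explicit length and may contain a NUL byte, while C string functions stop at the first NUL, so a verifier that copies the Common Name into a C string sees a shorter name than the CA actually signed. The defensive check is to compare lengths before comparing bytes and to reject any name that contains an embedded NUL. The following is an added example written for this page, not neon's own verification code; the function names and the sample names are constructed for illustration.

```c
/* Added example (not neon's code): reject X.509 subject names that
 * contain an embedded NUL byte, which is the precondition for the
 * "null prefix" confusion described in CVE-2009-2474.  A DER-decoded
 * name arrives as (pointer, explicit length); C string functions would
 * silently stop at the first NUL and see a different, shorter name. */
#include <stdio.h>
#include <string.h>

/* Returns 1 if the ASN.1 string of the given length holds no NUL byte,
 * 0 otherwise.  memchr honours the explicit length, strlen would not. */
int name_has_no_embedded_nul(const unsigned char *name, size_t len)
{
    return memchr(name, '\0', len) == NULL;
}

/* Hostname comparison that refuses to look at the name at all when it
 * contains an embedded NUL.  Returns 1 on match, 0 on mismatch and
 * -1 when the name is rejected as malformed.  Lengths are compared
 * first, so a name that merely starts with the expected host fails. */
int match_hostname(const unsigned char *cn, size_t cn_len, const char *host)
{
    if (!name_has_no_embedded_nul(cn, cn_len))
        return -1;
    if (cn_len != strlen(host))
        return 0;
    return memcmp(cn, host, cn_len) == 0;
}

int main(void)
{
    /* Constructed sample names (hypothetical hosts).  The second one
     * embeds a NUL after "www.bank.example"; strlen() would report 16
     * bytes although the signed name is 34 bytes long. */
    static const unsigned char good[] = "www.bank.example";
    static const unsigned char bad[]  = "www.bank.example\0.attacker.example";

    printf("good name: %d\n",
           match_hostname(good, sizeof good - 1, "www.bank.example"));
    printf("name with embedded NUL: %d\n",
           match_hostname(bad, sizeof bad - 1, "www.bank.example"));
    return 0;
}
```

The same length-aware comparison applies to subjectAltName dNSName entries, which are the field most TLS clients match against today; the point is that every comparison uses the length the decoder reported, never the length a NUL-terminated copy happens to have.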

Ubuntu 8.04 LTS: USN-835-1 High: Neon Man-In-The-Middle Attack

==========================================================
Ubuntu Security Notice USN-835-1
September 21, 2009
neon, neon27 vulnerabilities
CVE-2008-3746, CVE-2009-2474
==========================================================

A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
libneon25 0.25.5.dfsg-5ubuntu0.1

Ubuntu 8.04 LTS:
libneon27 0.27.2-1ubuntu0.1
libneon27-gnutls 0.27.2-1ubuntu0.1

Ubuntu 8.10:
libneon27 0.28.2-2ubuntu0.1
libneon27-gnutls 0.28.2-2ubuntu0.1

Ubuntu 9.04:
libneon27 0.28.2-6.1ubuntu0.1
libneon27-gnutls 0.28.2-6.1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

Updated packages for Ubuntu 6.06 LTS:
Source archives: Size/MD5: 21241 816587e0cf93ab4a4b83facb7768962f Size/MD5: 789 883a571edfb6ca2f265b6cc830b92cec Size/MD5: 633438 32ed43bea8568f8f592266c6ff6acf0f
amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 150072 8fe35489f1bf3c0d9dc029c737a3b400 Size/MD5: 139964 1fc960e8c8d23498f73651158c5fed88 Size/MD5: 105972 718aab24299009494603f217d680343e
i386 architecture (x86 compatible Intel/AMD): Size/MD5: 129460 850a2dcae6650b6cd360d8fd5e260306 Size/MD5: 127282 b29d4d5725a2b166a65317b39d927a2d Size/MD5: 98742 d925ff133a28cd973197e22b2e0d18e4
powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 149668 037f23da1f9566622a018632fe610c2d Size/MD5: 139344 f1fe92c7c7f59ca0968a1bb87d585717 Size/MD5: 102650 38eff65b3cb36fdf18b1a9c508ebbd56
sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 131338 e204e6cb89e1bf96d3367c3bbf1487c1 Size/MD5: 133516 213211b48418ed7388bb9235130efa9a Size/MD5: 101588 3cb88debbc07258d7ee434b32262128e

Updated packages for Ubuntu 8.04 LTS:
Source archives: Size/MD5: 20712 20939a5349b3b1d57c6ce3660e362f42 Size/MD5: 939 a8ad0b6b6c520828fd7d00749897f26a Size/MD5: 812750 24d434a4d5d4b6ce8f076039688f60ce
amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 176652 ed7021e0f6b21df0851aab43e6c008d3 Size/MD5: 402820 9f302f4e9031233a43d49b636706e13f Size/MD5: 157874 ff25752134f938896a7b146169ddee49 Size/MD5: 376918 2615e14d72ec90aa8b42cf6ca0b379b2 Size/MD5: 108292 2539874993245e5a3e34fbc6ecf29fda Size/MD5: 133262 70d032dcdcac2b62d0279504990f5d3e
i386 architecture (x86 compatible Intel/AMD): Size/MD5: 170324 916695eae648a04716d6decd5afd454e Size/MD5: 369116 6a079f855afcbf62debaec5b6d924d78 Size/MD5: 151426 654b963a71dcb4e96e4f37bf858a498f Size/MD5: 344216 42923c3cd16536839d33e91391afe58a Size/MD5: 103146 85cbd67c28eed802c146f49266986793 Size/MD5: 127926 99fa358256515f29eab2057538cf3ee1
lpia architecture (Low Power Intel Architecture): Size/MD5: 172252 eab88350f2284d5f9d74f8788555fc81 Size/MD5: 371158 8e97b2cc49f5213f127848b9bf760324 Size/MD5: 153228 191f3882e96d175eb9f58df4db377cdd Size/MD5: 345646 026e6d7570cfcd8452aabc1aa4e430c5 Size/MD5: 102114 96bc6e6b22ca0c87c4542d447ef87f6c Size/MD5: 127030 4e55fd691c2349280efceb57448dba6a
powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 176704 c5cb99ca83490774d54ca181d537ead2 Size/MD5: 421734 a1465902d5fce2a81631971b3e7158a7 Size/MD5: 157946 a983b5baf576d1f065176ba12166cc19 Size/MD5: 391658 4a9785df166703eb6fa7c8132a98a3b1 Size/MD5: 110220 d885beccb5d7db7aace902b39ebd2cb5 Size/MD5: 134874 bdc0bd129db2bc565b514a86eff5aaef
sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 162998 ff3ed6431bffadfc57c3f8a9d4cac74e Size/MD5: 371204 fced2fe9f2cc105203c9fe518408c12c Size/MD5: 144480 5d79c57d41605ab64dd46500e42e0843 Size/MD5: 343442 94b1d72e42b52c2164168f8d377773e8 Size/MD5: 103374 8c77263ab7d6181405005208022a1b06 Size/MD5: 128486 e272c8dddd67ce4d87afbd4c90fedffa

Updated packages for Ubuntu 8.10:
Source archives: Size/MD5: 23815 6f6b1e6ada9a523896127613b1f2a217 Size/MD5: 1379 7ea5e427b97085cc7511afcdcedf857d Size/MD5: 797944 b99b3f44e8507ae2d17362f1b34aaf02
amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 191520 f6ab3ecad18b6cd3d05e2751ffa7a5a9 Size/MD5: 428176 5830845f7612a0dba4efbe2a8021e4c4 Size/MD5: 172890 97942efd1db0a758e97bcdf37f0d8f76 Size/MD5: 402762 892c4c6fb330a202e7c3bb6202bb0a02 Size/MD5: 119264 d313c4dc3a6b379fbe4e2f973b5947e6 Size/MD5: 144902 7d580f2550b264fada435ec7597a5742
i386 architecture (x86 compatible Intel/AMD): Size/MD5: 184370 3d50415bf133d4dfe276dfc03e71e020 Size/MD5: 393130 29bd3b6e83c131e6900c031805ba34fa Size/MD5: 166050 f65eddb05aa5d975a7e122c84d7b7845 Size/MD5: 368212 eb7020e74a0311d2104976e1772b641a Size/MD5: 114122 035e3b754e87e0cf46a8ec136caaa026 Size/MD5: 139584 cfc9ceb5dcc52610fde529ffe5604da7
lpia architecture (Low Power Intel Architecture): Size/MD5: 185900 17a1d4d1f1ab9708aa18e034fb7b29e1 Size/MD5: 394742 24f17a926e8a8c17b0273dab1c24a70e Size/MD5: 167492 2c73ae4810ba0742f849803620595c74 Size/MD5: 370226 f7ff770cfcfd9a624db80a2c8100e436 Size/MD5: 113006 4e7446c38f409381e44fa3348d9cf16d Size/MD5: 138624 a2de6a9c1ec02a3970f01052caccef64
powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 191006 d2ae675e1836a76db2974ca4bb10a6d2 Size/MD5: 445778 75977229ba9371115dd80bd77b078230 Size/MD5: 173002 265636356f24a9fea8be60ca92938b37 Size/MD5: 415936 5f87a783c030a936ce9535a06f627785 Size/MD5: 120452 c543de922280e517454db6bdef402cde Size/MD5: 145836 cc66be766fd9275d137edd4ec11ed625
sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 175622 3ba09f3066863bdf0520c2a8f8eb45ac Size/MD5: 392552 359ede258a11a7d17457e24a98986775 Size/MD5: 156452 0ffb01d9c0bbfe97fe114af0d331fd3e Size/MD5: 365460 79920f83cac355effe18b7bdc872c634 Size/MD5: 113430 f603e40fb8ec979f617a3d45b4bf5ce0 Size/MD5: 139032 0ec4017b6acb3ef39f2a6f6d2447844b

Updated packages for Ubuntu 9.04:
Source archives: Size/MD5: 24132 da9be21a19b61748eda43f41a1aca91c Size/MD5: 1411 bae9926bff7220064db056ba7ce726f9 Size/MD5: 797944 b99b3f44e8507ae2d17362f1b34aaf02
amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 51354 8617736f3540ceb2c7fdd1b2a54d3dda Size/MD5: 191964 1dd150f8babcfce047b839607bcac0f7 Size/MD5: 428610 00f874c335002728e868f365db185b04 Size/MD5: 173350 71cfa13feebdde24f2332a5bd0e73c0c Size/MD5: 403366 a4e0c48c548fef1014e604e59c15b027 Size/MD5: 119684 52876e4cecf3b1ec6d8192eea3da2778 Size/MD5: 145328 3b6f9fe274456465097f4f41ac265e13
i386 architecture (x86 compatible Intel/AMD): Size/MD5: 51354 93dde95d793a6ce061cb3af2db75a271 Size/MD5: 184882 8000f55c371f25d1ee87f91f9ca7f364 Size/MD5: 393574 b5ed91f1b2cc9306b482cd936cc5c78c Size/MD5: 166604 b21c479d09f7e88e0510c12190d87296 Size/MD5: 368756 ee65f90a0496ed8128526a338ffd7fe7 Size/MD5: 114522 96bc36544b43d5e65727725e85b75ff0 Size/MD5: 140030 267bdfbc9b9784baf73857798a99967d
lpia architecture (Low Power Intel Architecture): Size/MD5: 51352 97c0f618e1a8da22999f9904f78c573d Size/MD5: 186410 5e20424a69ce45d3a66db001e5efb2dc Size/MD5: 395242 372ebcd1dd210f2d5c136e9129b08ace Size/MD5: 168082 cbe9aede94ebf50f2ba0ff571429efc8 Size/MD5: 370768 b9f57bf4900fa9ffe18a07fd71da3b8a Size/MD5: 113406 1846871ab639b8a0bc919a65c1d09e6e Size/MD5: 139088 66b63223d36d97786e6174173d267dcb
powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 51354 07ee535da3df9885366f770800bd6598 Size/MD5: 191494 e7843d2987691be6246d6d1041dc4ca6 Size/MD5: 446240 b47ea0b823d1118a71591e83cbe0eb48 Size/MD5: 173578 a295423d33a38e5420988e1dac86e9b4 Size/MD5: 416384 5ea6c1bdb3c729500216f4deedad8dfc Size/MD5: 120876 68ec1ef141c84bcad4ac4f84c547db17 Size/MD5: 146292 0984c79035eb76183dc9be0b79cbd721
sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 51354 2024b1b2d5b26aef5fb0572e2daa8359 Size/MD5: 176196 4913aebd8db013e216c5e15fa4484ea9 Size/MD5: 393056 318c10bfa9e933e6b899608b48e1f8ce Size/MD5: 156960 a3f9117577059313afe62e30ae9ca3d4 Size/MD5: 365968 45a35f598143a009cd432e1c5f146f36 Size/MD5: 113806 ed7d45494f5bc5749abef18218b5c697 Size/MD5: 139408 a5248c13c20456a323f932f8cd32b04c

Critical neon vulnerabilities exposed through SSL handling require attention to prevent man-in-the-middle attacks. Fix promptly. Severity: Important. LinuxSecurity.com Team

Sep 21, 2009 | Important | Ubuntu

Red Hat Enterprise Linux: RHSA-2009-1452-01 Moderate: DoS and Cert Issues

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: neon security update
Advisory ID: RHSA-2009:1452-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2009:1452.html
Issue date: 2009-09-21
CVE Names: CVE-2009-2473 CVE-2009-2474
====================================================================

1. Summary:

Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

neon is an HTTP and WebDAV client library, with a C interface. It provides a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support.

It was discovered that neon is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse an application using the neon library into accepting it by mistake. (CVE-2009-2474)

A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially-crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. (CVE-2009-2473)

All neon users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the neon HTTP and WebDAV client library, such as cadaver, must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

518215 - CVE-2009-2473 neon, gnome-vfs2 embedded neon: billion laughs DoS attack
518223 - CVE-2009-2474 neon: Improper verification of x509v3 certificate with NULL (zero) byte in certain fields

6. Package List:

Red Hat Enterprise Linux AS version 4:
i386: neon-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-devel-0.24.7-4.el4_8.2.i386.rpm
ia64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.ia64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.ia64.rpm neon-devel-0.24.7-4.el4_8.2.ia64.rpm
ppc: neon-0.24.7-4.el4_8.2.ppc.rpm neon-0.24.7-4.el4_8.2.ppc64.rpm neon-debuginfo-0.24.7-4.el4_8.2.ppc.rpm neon-debuginfo-0.24.7-4.el4_8.2.ppc64.rpm neon-devel-0.24.7-4.el4_8.2.ppc.rpm
s390: neon-0.24.7-4.el4_8.2.s390.rpm neon-debuginfo-0.24.7-4.el4_8.2.s390.rpm neon-devel-0.24.7-4.el4_8.2.s390.rpm
s390x: neon-0.24.7-4.el4_8.2.s390.rpm neon-0.24.7-4.el4_8.2.s390x.rpm neon-debuginfo-0.24.7-4.el4_8.2.s390.rpm neon-debuginfo-0.24.7-4.el4_8.2.s390x.rpm neon-devel-0.24.7-4.el4_8.2.s390x.rpm
x86_64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.x86_64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:
i386: neon-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-devel-0.24.7-4.el4_8.2.i386.rpm
x86_64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.x86_64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:
i386: neon-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-devel-0.24.7-4.el4_8.2.i386.rpm
ia64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.ia64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.ia64.rpm neon-devel-0.24.7-4.el4_8.2.ia64.rpm
x86_64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.x86_64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:
i386: neon-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-devel-0.24.7-4.el4_8.2.i386.rpm
ia64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.ia64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.ia64.rpm neon-devel-0.24.7-4.el4_8.2.ia64.rpm
x86_64: neon-0.24.7-4.el4_8.2.i386.rpm neon-0.24.7-4.el4_8.2.x86_64.rpm neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):
i386: neon-0.25.5-10.el5_4.1.i386.rpm neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm
x86_64: neon-0.25.5-10.el5_4.1.i386.rpm neon-0.25.5-10.el5_4.1.x86_64.rpm neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm neon-debuginfo-0.25.5-10.el5_4.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):
i386: neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm neon-devel-0.25.5-10.el5_4.1.i386.rpm
x86_64: neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm neon-debuginfo-0.25.5-10.el5_4.1.x86_64.rpm neon-devel-0.25.5-10.el5_4.1.i386.rpm neon-devel-0.25.5-10.el5_4.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):
i386: neon-0.25.5-10.el5_4.1.i386.rpm neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm neon-devel-0.25.5-10.el5_4.1.i386.rpm
ia64: neon-0.25.5-10.el5_4.1.ia64.rpm neon-debuginfo-0.25.5-10.el5_4.1.ia64.rpm neon-devel-0.25.5-10.el5_4.1.ia64.rpm
ppc: neon-0.25.5-10.el5_4.1.ppc.rpm neon-0.25.5-10.el5_4.1.ppc64.rpm neon-debuginfo-0.25.5-10.el5_4.1.ppc.rpm neon-debuginfo-0.25.5-10.el5_4.1.ppc64.rpm neon-devel-0.25.5-10.el5_4.1.ppc.rpm neon-devel-0.25.5-10.el5_4.1.ppc64.rpm
s390x: neon-0.25.5-10.el5_4.1.s390.rpm neon-0.25.5-10.el5_4.1.s390x.rpm neon-debuginfo-0.25.5-10.el5_4.1.s390.rpm neon-debuginfo-0.25.5-10.el5_4.1.s390x.rpm neon-devel-0.25.5-10.el5_4.1.s390.rpm neon-devel-0.25.5-10.el5_4.1.s390x.rpm
x86_64: neon-0.25.5-10.el5_4.1.i386.rpm neon-0.25.5-10.el5_4.1.x86_64.rpm neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm neon-debuginfo-0.25.5-10.el5_4.1.x86_64.rpm neon-devel-0.25.5-10.el5_4.1.i386.rpm neon-devel-0.25.5-10.el5_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2009-2473
https://www.cve.org/CVERecord?id=CVE-2009-2474
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKt6HwXlSAg2UNWIIRAu2oAJ4risB4IoARBXb5EmGa3lM7hMUMvwCgh54a
EWt982isJFdvbWrsh48+Ypg=
=u2Hw
-----END PGP SIGNATURE-----

Recent neon security patches released for Red Hat Enterprise Linux tackle two highlighted vulnerabilities. LinuxSecurity.com Team

Sep 21, 2009 | Red Hat
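The second flaw in this advisory (CVE-2009-2473, the "billion laughs" DoS) abuses nested internal entity definitions: a document a few hundred bytes long can expand to gigabytes once every entity reference is substituted, and the parser pays that cost before the application sees a single element. The guard most XML parsers adopted afterwards is an amplification budget: estimate the expanded size of each entity without materialising it and refuse the document once the estimate passes a limit. The following is an added example written for this page, not neon's or expat's code; the entity tables are constructed samples and the function names are this example's own.

```c
/* Added example (not neon's or expat's code): estimate the fully
 * expanded size of internal DTD entities without expanding them, and
 * refuse entity tables whose expansion exceeds a budget.  This is the
 * amplification guard against the "billion laughs" DoS (CVE-2009-2473). */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_DEPTH 32
#define N_ENTITIES(a) (sizeof(a) / sizeof((a)[0]))

struct entity {
    const char *name;
    const char *value;   /* replacement text, may reference &other; */
};

/* Look up an entity by (name, length); returns NULL when undefined. */
static const struct entity *find_entity(const struct entity *ents, size_t n,
                                        const char *name, size_t name_len)
{
    for (size_t i = 0; i < n; i++)
        if (strlen(ents[i].name) == name_len &&
            memcmp(ents[i].name, name, name_len) == 0)
            return &ents[i];
    return NULL;
}

/* Size in bytes of `value` once every known entity reference is
 * expanded, computed recursively without building the expansion.
 * Returns -1 as soon as the running total exceeds `limit` or nesting
 * passes MAX_DEPTH (a reference cycle or absurd nesting), so the work
 * done is bounded by limit * depth no matter how the table is shaped. */
long expanded_size(const struct entity *ents, size_t n,
                   const char *value, long limit, int depth)
{
    if (depth > MAX_DEPTH || limit < 0)
        return -1;
    long total = 0;
    const char *p = value;
    while (*p) {
        if (*p == '&') {
            const char *semi = strchr(p + 1, ';');
            const struct entity *e = NULL;
            if (semi)
                e = find_entity(ents, n, p + 1, (size_t)(semi - p - 1));
            if (e) {
                /* The callee only gets the budget that is still left. */
                long sub = expanded_size(ents, n, e->value, limit - total, depth + 1);
                if (sub < 0)
                    return -1;
                total += sub;
                p = semi + 1;
                continue;
            }
        }
        total++;   /* literal byte, or an unknown/unterminated reference kept as-is */
        p++;
        if (total > limit)
            return -1;
    }
    return total;
}

/* Returns 1 when every entity in the table expands to at most `limit`
 * bytes, 0 when at least one would blow past it. */
int entities_within_budget(const struct entity *ents, size_t n, long limit)
{
    for (size_t i = 0; i < n; i++)
        if (expanded_size(ents, n, ents[i].value, limit, 0) < 0)
            return 0;
    return 1;
}

/* Constructed sample tables.  `benign` is an ordinary DTD; `laughs` is a
 * four-level version of the nested-entity pattern, where lol4 expands to
 * 10^4 copies of "lol" (30000 bytes) from under 400 bytes of definitions. */
static const struct entity benign[] = {
    { "year", "2009" },
    { "copy", "Copyright &year;" },
};
static const struct entity laughs[] = {
    { "lol0", "lol" },
    { "lol1", "&lol0;&lol0;&lol0;&lol0;&lol0;&lol0;&lol0;&lol0;&lol0;&lol0;" },
    { "lol2", "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;" },
    { "lol3", "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;" },
    { "lol4", "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;" },
};

int main(void)
{
    printf("benign table within 1000 bytes: %d\n",
           entities_within_budget(benign, N_ENTITIES(benign), 1000));
    printf("nested table within 10000 bytes: %d\n",
           entities_within_budget(laughs, N_ENTITIES(laughs), 10000));
    printf("&lol4; expands to %ld bytes\n",
           expanded_size(laughs, N_ENTITIES(laughs), "&lol4;", 100000, 0));
    return 0;
}
```

The early bail-out is what makes the check itself safe to run on hostile input: each recursive call receives only the budget that remains, so a table designed to expand to gigabytes is rejected after counting at most `limit` bytes, and a reference cycle is caught by the depth cap rather than by stack exhaustion. A real parser would apply the same budget to the document body, where the references actually occur, and would also cap the ratio of expanded to declared size.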


Fedora 10 FEDORA-2009-8794 Moderate: SSL and DoS Issues

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8794
2009-08-20 20:33:40
--------------------------------------------------------------------------------

Name : neon
Product : Fedora 10
Version : 0.28.6
Release : 1.fc10
URL :
Summary : An HTTP and WebDAV client library
Description :
neon is an HTTP and WebDAV client library, with a C interface; providing a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support.

--------------------------------------------------------------------------------
Update Information:

This update includes the latest release of neon, version 0.28.6. This fixes two security issues:
* the "billion laughs" attack against expat could allow a Denial of Service attack by a malicious server. (CVE-2009-2473)
* an embedded NUL byte in a certificate subject name could allow an undetected MITM attack against an SSL server if a trusted CA issues such a cert.

Several bug fixes are also included, notably:
* X.509v1 CA certificates are trusted by default
* Fix handling of some PKCS#12 certificates

--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 19 2009 Joe Orton 0.28.6-1
- update to 0.28.6
* Fri May 29 2009 Joe Orton 0.28.4-1.1
- trust V1 CA certs by default (#502451)
* Fri Mar 6 2009 Joe Orton 0.28.4-1
- update to 0.28.4
* Mon Jan 19 2009 Joe Orton 0.28.3-3
- use install-p in "make install" (Robert Scheck, #226189)

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #502451 - X509v1 CA certificate is not trusted
https://bugzilla.redhat.com/show_bug.cgi?id=502451

--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use su -c 'yum update neon' at the command line. For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The most recent release of Fedora neon focuses on improving security measures and resolving bugs to boost overall system performance. Severity: Important. LinuxSecurity.com Team

Aug 20, 2009 | Important | Fedora

Red Hat Enterprise Linux: RHSA-2004:191-01 Critical: Cadaver Heap Overflow

Red Hat Security Advisory

Synopsis:          Updated cadaver package fixes security vulnerability in neon
Advisory ID:       RHSA-2004:191-01
Issue date:        2004-05-19
Updated on:        2004-05-19
Product:           Red Hat Enterprise Linux
Keywords:          cadaver neon sscanf
Cross references:
Obsoletes:
CVE Names:         CAN-2004-0398
---------------------------------------------------------------------

1. Topic:

An updated cadaver package is now available that fixes a vulnerability in neon which could be exploitable by a malicious DAV server.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library.

Stefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using cadaver.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0398 to this issue.

Users of cadaver are advised to upgrade to this updated package, which contains a patch correcting this issue.

This issue does not affect Red Hat Enterprise Linux 3.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://access.redhat.com

5. Bug IDs fixed ( for more info):

122497 - CAN-2004-0398 heap overflow in neon affects cadaver

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
i386: Available from Red Hat Network: cadaver-0.22.1-1.0.i386.rpm
ia64: Available from Red Hat Network: cadaver-0.22.1-1.0.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ia64: Available from Red Hat Network: cadaver-0.22.1-1.0.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:
SRPMS:
i386: Available from Red Hat Network: cadaver-0.22.1-1.0.i386.rpm

Red Hat Enterprise Linux WS version 2.1:
SRPMS:
i386: Available from Red Hat Network: cadaver-0.22.1-1.0.i386.rpm

7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
74352b500efc9fe95b932db561a97301 cadaver-0.22.1-1.0.i386.rpm
504c70514d6fe70edd342fe05809f059 cadaver-0.22.1-1.0.ia64.rpm
f61038fc22fd38899ee8366ed77c99a6 cadaver-0.22.1-1.0.src.rpm

These packages are GPG signed by Red Hat for security. Our key is available from

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

CVE - CVE-2004-0398

9. Contact:

The Red Hat security contact is . More contact details at

Copyright 2004 Red Hat, Inc.

The updated cadaver package addresses a heap overflow flaw in the embedded neon library, which could allow arbitrary code execution on the client when it connects to a malicious WebDAV server.

Tags: cadaver Security Advisory, Red Hat Patch, Heap Overflow Fix, WebDAV Exploit. Severity: Critical. LinuxSecurity.com Team

May 19, 2004 | Critical | Red Hat

Fedora: 2004-103 Critical: Remote Code Execution in Neon Library

Exploiting these bugs may allow remote malicious WebDAV servers to execute arbitrary code.

Fedora Update Notification
FEDORA-2004-103
2004-04-14
---------------------------------------------------------------------

Name        : neon
Version     : 0.24.5
Release     : 1
Summary     : An HTTP and WebDAV client library
Description :
neon is an HTTP and WebDAV client library, with a C interface; providing a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete SSL support.
---------------------------------------------------------------------
Update Information:

Multiple format string vulnerabilities in neon 0.24.4 and earlier allow remote malicious WebDAV servers to execute arbitrary code.

Updated packages were made available in April 2004; however, the original update notification email did not make it to fedora-announce-list at that time.
---------------------------------------------------------------------
* Wed Apr 14 2004 Joe Orton 0.24.5-1
- update to 0.24.5 for CAN-2004-0179 fix
* Thu Mar 25 2004 Joe Orton 0.24.4-4
- implement the Negotiate auth scheme, and only over SSL
* Tue Mar 02 2004 Elliot Lee
- rebuilt
* Wed Feb 25 2004 Joe Orton 0.24.4-3
- use BuildRequires not BuildPrereq, drop autoconf, libtool; -devel requires {openssl,zlib}-devel (#116744)
* Fri Feb 13 2004 Elliot Lee 0.24.4-2
- rebuilt
* Mon Feb 09 2004 Joe Orton 0.24.4-1
- update to 0.24.4
---------------------------------------------------------------------
This update can be downloaded from:

f34a346e0d945707e888874699ed958a SRPMS/neon-0.24.5-1.src.rpm
4c3c9a53a1916566c3822e5ac9eed67d i386/neon-0.24.5-1.i386.rpm
c00098bf0548dcf7e3f8ad1db90c78e8 i386/neon-devel-0.24.5-1.i386.rpm
c6faddb460bff55de5571630324f5381 i386/debug/neon-debuginfo-0.24.5-1.i386.rpm
e192a575ff1184e7ba35326a0ba84b5c x86_64/neon-0.24.5-1.x86_64.rpm
50d3157693574508440893e5dcf48ac3 x86_64/neon-devel-0.24.5-1.x86_64.rpm
eb12e5f3ed12849c26b949ce7c3c5aa0 x86_64/debug/neon-debuginfo-0.24.5-1.x86_64.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Multiple format string weaknesses in neon 0.24.4 and earlier may allow a malicious WebDAV server to execute arbitrary code on the client; neon 0.24.5 fixes them.

Tags: Remote Code Execution, WebDAV Exploit, Neon Library. Severity: Critical. LinuxSecurity.com Team

May 18, 2004 | Critical | Fedora

Red Hat 9 OpenOffice RHSA-2004:163-01 Moderate: Code Execution Risk

Red Hat Security Advisory

Synopsis:          Updated OpenOffice packages fix security vulnerability in neon
Advisory ID:       RHSA-2004:163-01
Issue date:        2004-04-30
Updated on:        2004-04-30
Product:           Red Hat Linux
Keywords:
Cross references:
Obsoletes:
CVE Names:         CAN-2004-0179
---------------------------------------------------------------------

1. Topic:

Updated OpenOffice packages that fix a vulnerability in neon exploitable by a malicious DAV server are now available.

2. Relevant releases/architectures:

Red Hat Linux 9 - i386

3. Problem description:

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. OpenOffice internally uses inbuilt code from neon, an HTTP and WebDAV client library.

Versions of the neon client library up to and including 0.24.4 have been found to contain a number of format string bugs. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using OpenOffice.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0179 to this issue.

Users of OpenOffice are advised to upgrade to these updated packages, which contain a patch correcting this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://access.redhat.com

5. RPMs required:

Red Hat Linux 9:
SRPMS:
i386:

6. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
af902345797936b7dad0bf309ff47aac 9/en/os/SRPMS/openoffice-1.0.2-11.src.rpm
e5b3f1bab7554ec921ea8d3d3b6faafa 9/en/os/i386/openoffice-1.0.2-11.i386.rpm
e6a783eb40931756ce3806136e960432 9/en/os/i386/openoffice-i18n-1.0.2-11.i386.rpm
1e8820359aed61e36fb9adbe91aba1a7 9/en/os/i386/openoffice-libs-1.0.2-11.i386.rpm

These packages are GPG signed by Red Hat for security. Our key is available from

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

7. References:

CVE - CVE-2004-0179

8. Contact:

The Red Hat security contact is . More contact details at

Copyright 2004 Red Hat, Inc.

Red Hat has released updated OpenOffice packages for Red Hat Linux 9 that fix the format string bugs in the embedded neon library. Users are urged to update to maintain application integrity.

Tags: OpenOffice Update, Red Hat Security, WebDAV Threat. LinuxSecurity.com Team

May 10, 2004 | Red Hat
