Debian Security Advisory DSA 487-1 (neon) Network Vulnerability

Summary

The remote host is missing an update to neon announced via advisory DSA 487-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20487-1

Insight

Multiple format string vulnerabilities were discovered in neon, an HTTP and WebDAV client library. These vulnerabilities could potentially be exploited by a malicious WebDAV server to execute arbitrary code with the privileges of the process using libneon. For the current stable distribution (woody) these problems have been fixed in version 0.19.3-2woody3. For the unstable distribution (sid), these problems have been fixed in version 0.24.5-1. We recommend that you update your neon package.

Severity

Classification

CVE CVE-2004-0179

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1066-1 (phpbb2)
Debian Security Advisory DSA 001-1 (ed)
Debian Security Advisory DSA 1102-1 (pinball)
Debian Security Advisory DSA 088-1 (fml)
Debian Security Advisory DSA 1154-1 (squirrelmail)

Take action and discover your vulnerabilities