CVE-2004-0398 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-0398 Interim 1 4 2023-12-09T02:25:24Z current 2021-05-30T12:30:00Z 2023-12-09T02:25:24Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-0398 Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M7VFEJ4OKXBQ4ECAIKMUSDBJ5FAUJQWF/#M7VFEJ4OKXBQ4ECAIKMUSDBJ5FAUJQWF E-Mail link for SUSE-SA:2004:020 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AWOKTSRU2ZEDF4E3KXV7ZSMXPB2NXSXO/#AWOKTSRU2ZEDF4E3KXV7ZSMXPB2NXSXO E-Mail link for SUSE-SA:2004:021 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RODWU2BBPMD2PAC55BGGCP6MNSUECFUJ/#RODWU2BBPMD2PAC55BGGCP6MNSUECFUJ E-Mail link for SUSE-SA:2004:022 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q645NBXAZO7WEXRNY55MUKAY3J62CN37/#Q645NBXAZO7WEXRNY55MUKAY3J62CN37 E-Mail link for SuSE-SA:2004:013 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7NXFRH4HDLDFCIBG4LSP5LHIIZ4N3EBW/#7NXFRH4HDLDFCIBG4LSP5LHIIZ4N3EBW E-Mail link for SuSE-SA:2004:015 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DJ4PIOAKB7WF7RPQWYFQ6HGRRYHXOWIW/#DJ4PIOAKB7WF7RPQWYFQ6HGRRYHXOWIW E-Mail link for SuSE-SA:2004:016 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HX7M2R4VK6M2AVVVJEORQBCDOKVBC25G/#HX7M2R4VK6M2AVVVJEORQBCDOKVBC25G E-Mail link for SuSE-SA:2004:017 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5VFK45SZGLKQTY7ZM4EMG7ON43MR44UQ/#5VFK45SZGLKQTY7ZM4EMG7ON43MR44UQ E-Mail link for SuSE-SA:2004:018 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HC5PFLMGF5DUERY3T2VUVFQXXKNJXKPC/#HC5PFLMGF5DUERY3T2VUVFQXXKNJXKPC E-Mail link for SuSE-SA:2004:019 https://www.suse.com/support/security/rating/ SUSE Security Ratings Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. CVE-2004-0398 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P