icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Neon < 0.24.6 WebDAV Client Library ne_rfc1036_parse Function Heap Overflow

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is using software based on a vulnerable version of the Neon Library, an open-source HTTP and WebDAV client library. Depending of the application using the library, an attacker running a malicious WebDAV server may execute arbitrary code on the host or create a denial of service.

Solution

Upgrade to Neon library 0.24.6 or higher.