Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.
https://exchange.xforce.ibmcloud.com/vulnerabilities/14141
http://www.securitytracker.com/id?1008616
http://www.securityfocus.com/bid/9365
http://www.debian.org/security/2004/dsa-412