FreeBSD : neon date parsing vulnerability (8d075001-a9ce-11d8-9c6d-0020ed76ef5a)
High Nessus Plugin ID 38015
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionStefan Esser reports :
A vulnerability within a libneon date parsing function could cause a heap overflow which could lead to remote code execution, depending on the application using libneon.
The vulnerability is in the function ne_rfc1036_parse, which is in turn used by the function ne_httpdate_parse. Applications using either of these neon functions may be vulnerable.
SolutionUpdate the affected packages.