SuSE 11 Security Update : libneon (SAT Patch Number 1376)
Medium Nessus Plugin ID 42301
The remote SuSE 11 host is missing one or more security updates.
neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers. (CVE-2009-2408) Specially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts of CPU and memory. (CVE-2009-2473)