Neon < 0.24.5 WebDAV Client Library Format String Vulnerabilities (deprecated)

High Nessus Network Monitor Plugin ID 1779

Synopsis

The remote host is using software based on a vulnerable version of the Neon Library, an open-source HTTP and WebDAV client library.

Description

The remote host is using software based on a vulnerable version of the Neon Library, an open-source HTTP and WebDAV client library. An attacker running a malicious WebDAV server may execute arbitrary code on the host.

Solution

Upgrade to Neon library 0.24.5 or higher.

Plugin Details

Severity: High

ID: 1779

File Name: 1779.prm

Family: Web Clients

Published: 2004/08/20

Modified: 2015/06/01

Dependencies: 1735, 8314

Risk Information

Risk Factor: High

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Reference Information

CVE: CVE-2004-0398, CVE-2004-0179

BID: 10136, 10385