PT-2004-3665 · Neon · Libneon
Stefan Esser · Published 1970-01-01 · Updated 2020-10-09 · CVE-2004-0398
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
libneon versions 0.24.5 and earlier
Description
The issue is a heap-based buffer overflow in ne_rfc1036_parse, the date-parsing function of the neon library. It allows remote WebDAV servers to execute arbitrary code on the client. Multiple vulnerabilities in the libneon package can lead to disruption of the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.
Recommendations
For libneon versions 0.24.5 and earlier, update to a version later than 0.24.5 to resolve the issue.
As a temporary workaround, consider restricting access to the ne_rfc1036_parse function until a patch is available.
Fix
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Libneon