CVE-2004-0179
Summary
| CVE | CVE-2004-0179 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-06-01 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:M/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Openoffice | All | All | All | All |
| Application | Apache | Subversion | All | All | All | All |
| Operating System | Debian | Debian Linux | 3.0 | All | All | All |
| Application | Webdav | Cadaver | All | All | All | All |
| Application | Webdav | Neon | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Gentoo Linux Documentation -- OpenOffice.org vulnerability when using DAV servers | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | Third Party Advisory |
| Gentoo Linux Documentation -- Multiple format string vulnerabilities in neon 0.24.4 and earlier | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | Third Party Advisory |
| Debian -- Security Information -- DSA-487-1 neon | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Third Party Advisory |
| redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Third Party Advisory |
| SuSE Security announcements: [suse-security-announce] SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:009) | af854a3a-2127-422b-91ae-364da2661108 | lists.suse.com | Broken Link |
| bugzilla.fedora.us/show_bug.cgi | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.fedora.us | Broken Link |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | Third Party Advisory |
| patches.sgi.com/support/free/security/advisories/20040404-01-U.asc | af854a3a-2127-422b-91ae-364da2661108 | patches.sgi.com | Broken Link |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | Third Party Advisory |
| redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Third Party Advisory |
| '[OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon)' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | Issue Tracking, Third Party Advisory |
| 'void.at - neon format string bugs' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | Issue Tracking, Third Party Advisory |
| redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Third Party Advisory |
| Advisories - Mandriva | af854a3a-2127-422b-91ae-364da2661108 | www.mandriva.com | Third Party Advisory |
| www.osvdb.org/5365 | af854a3a-2127-422b-91ae-364da2661108 | www.osvdb.org | Broken Link |
| Neon WebDAV Client Library Format String Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| SuSE Security announcements: [suse-security-announce] SUSE Security Announcement: cvs (SuSE-SA:2004:008) | af854a3a-2127-422b-91ae-364da2661108 | lists.suse.com | Broken Link |
| Secunia - Advisories - Neon Client Library Format String Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.