|
|
Family: Fedora Local Security Checks --> Category: infos
Fedora Core 1 2004-103: neon Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the neon package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2004-103 (neon).
neon is an HTTP and WebDAV client library, with a C interface
providing a high-level interface to HTTP and WebDAV methods along
with a low-level interface for HTTP request handling. neon
supports persistent connections, proxy servers, basic, digest and
Kerberos authentication, and has complete SSL support.
Update Information:
Multiple format string vulnerabilities in neon 0.24.4 and earlier
allow remote malicious WebDAV servers to execute arbitrary code.
Updated packages were made available in April 2004 however the original
update notification email did not make it to fedora-announce-list at
that time.
Solution : http://www.fedoranews.org/updates/FEDORA-2004-103.shtml
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
