Neon 'ne_xml*' expat XML Parsing Denial of Service Vulnerability

Bugtraq ID: 36080
Class: Design Error
CVE: CVE-2009-2473
Remote: Yes
Local: No
Published: Aug 18 2009 12:00AM
Updated: Apr 13 2015 09:19PM
Credit: Joe Orton
Vulnerable: S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
S.u.S.E. Linux 9
S.u.S.E. Linux 11
S.u.S.E. Linux 10.0
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux EUS 5.4.z server
Redhat Enterprise Linux ES 4.8.z
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux AS 4.8.z
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux Desktop version 4
Redhat Enterprise Linux 5 Server
Pardus Linux 2009 0
Oracle Enterprise Linux 5
Neon Neon 0.28.5
Neon Neon 0.28.3
Neon Neon 0.28.2
Neon Neon 0.28.1
Neon Neon 0.28
Neon Client Library 0.26.3
Neon Client Library 0.26.2
Neon Client Library 0.26.1
Neon Client Library 0.26
Neon Client Library 0.24.6
Neon Client Library 0.24.5
Neon Client Library 0.24.4
Neon Client Library 0.24.3
Neon Client Library 0.24.2
Neon Client Library 0.24.1
Neon Client Library 0.24
Neon Client Library 0.23.8
Neon Client Library 0.23.7
Neon Client Library 0.23.6
Neon Client Library 0.23.5
Neon Client Library 0.23.4
Neon Client Library 0.23.3
Neon Client Library 0.23.2
Neon Client Library 0.23.1
Neon Client Library 0.23
Neon Client Library 0.19.3
- Debian Linux 3.0 sparc
- Debian Linux 3.0 s/390
- Debian Linux 3.0 ppc
- Debian Linux 3.0 mipsel
- Debian Linux 3.0 mips
- Debian Linux 3.0 m68k
- Debian Linux 3.0 ia-64
- Debian Linux 3.0 ia-32
- Debian Linux 3.0 hppa
- Debian Linux 3.0 arm
- Debian Linux 3.0 alpha
- Debian Linux 3.0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
CentOS CentOS 5
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya Messaging Storage Server 3.1
Avaya Message Networking 3.1
Avaya Intuity AUDIX LX 2.0 SP2
Avaya Intuity AUDIX LX 2.0 SP1
Avaya Intuity AUDIX LX 2.0
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6
Not Vulnerable: Neon Neon 0.28.6
Apple Mac OS X Server 10.6.5
Apple Mac OS X 10.6.5


 

Privacy Statement
Copyright 2010, SecurityFocus