Neon 'ne_xml*' expat XML Parsing Denial of Service Vulnerability

Bugtraq ID: 36080
Class: Design Error
CVE: CVE-2009-2473
Remote: Yes
Local: No
Published: Aug 18 2009 12:00AM
Updated: Jan 30 2013 07:20PM
Credit: Joe Orton
Vulnerable: SuSE openSUSE 10.3
SuSE Linux 9
SuSE Linux 11
S.u.S.E. openSUSE 11.0
S.u.S.E. Linux 10.0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4.8.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Fedora 11
Red Hat Fedora 10
Red Hat Enterprise Linux EUS 5.4.z server
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4.8.z
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
Pardus Linux 2009 0
Oracle Enterprise Linux 5
Neon Neon 0.28.5
Neon Neon 0.28.3
Neon Neon 0.28.2
Neon Neon 0.28.1
Neon Neon 0.28
Neon Client Library 0.26.3
Neon Client Library 0.26.2
Neon Client Library 0.26.1
Neon Client Library 0.26
Neon Client Library 0.24.6
Neon Client Library 0.24.5
Neon Client Library 0.24.4
Neon Client Library 0.24.3
Neon Client Library 0.24.2
Neon Client Library 0.24.1
Neon Client Library 0.24
Neon Client Library 0.23.8
Neon Client Library 0.23.7
Neon Client Library 0.23.6
Neon Client Library 0.23.5
Neon Client Library 0.23.4
Neon Client Library 0.23.3
Neon Client Library 0.23.2
Neon Client Library 0.23.1
Neon Client Library 0.23
Neon Client Library 0.19.3
- Debian Linux 3.0 sparc
- Debian Linux 3.0 s/390
- Debian Linux 3.0 ppc
- Debian Linux 3.0 mipsel
- Debian Linux 3.0 mips
- Debian Linux 3.0 m68k
- Debian Linux 3.0 ia-64
- Debian Linux 3.0 ia-32
- Debian Linux 3.0 hppa
- Debian Linux 3.0 arm
- Debian Linux 3.0 alpha
- Debian Linux 3.0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
CentOS CentOS 5
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya Messaging Storage Server 3.1
Avaya Message Networking 3.1
Avaya Intuity AUDIX LX 2.0 SP2
Avaya Intuity AUDIX LX 2.0 SP1
Avaya Intuity AUDIX LX 2.0
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6
Not Vulnerable: Neon Neon 0.28.6
Apple Mac OS X Server 10.6.5


 

Privacy Statement
Copyright 2010, SecurityFocus