
Test ID: 1.3.6.1.4.1.25623.1.0.900828
Category: Denial of Service
Title: Neon Certificate Spoofing / DoS Vulnerability
Summary: Neon is prone to certificate spoofing and denial of service (DoS) vulnerabilities.
Description:
Summary:
Neon is prone to certificate spoofing and denial of service (DoS) vulnerabilities.

Vulnerability Insight:
- CVE-2009-2474: when OpenSSL is used, neon does not properly handle a '\0'
(NUL) character in a domain name in the subject's Common Name (CN) field of an
X.509 certificate. A certificate issued by a legitimate Certification Authority
for a CN of the form 'trusted-host\0.attacker-controlled-domain' is therefore
accepted as valid for 'trusted-host', because the comparison stops at the NUL.

- CVE-2009-2473: when expat is used, neon does not properly detect recursion
during entity expansion, so a crafted XML document containing a large number of
nested entity references (the "billion laughs" attack) is expanded without
bound.
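The two defects above, modelled side by side as an added example (this is not neon's own code and not the fix shipped in 0.28.6): a CN comparison that trusts C-string termination beside one that uses the length reported by the X.509 decoder and refuses embedded NULs, and an entity-expansion walker that bounds nesting depth and total output size before any text is materialised. The certificate CN, the entity table (a four-level cut of the "billion laughs" DTD) and the MAX_DEPTH / MAX_EXPANSION limits are all constructed for this example.

```c
/* Added example (not neon's code): models the two checks that neon 0.28.6
 * tightened, on a constructed certificate CN and a constructed entity table. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed CN as a CA might encode it: the X.509 decoder reports 34 bytes,
 * but a C string routine stops at the embedded NUL after 16. */
static const char CRAFTED_CN[] = "www.bank.example\0.attacker.example";
#define CRAFTED_CN_LEN (sizeof(CRAFTED_CN) - 1)   /* 34 */

static int ci_equal(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Vulnerable pattern (CVE-2009-2474): the decoder's length is ignored and the
 * CN is treated as NUL-terminated, so only "www.bank.example" is compared. */
int cn_match_vulnerable(const char *cn, size_t cn_len, const char *host)
{
    (void)cn_len;
    return strlen(cn) == strlen(host) && ci_equal(cn, host, strlen(host));
}

/* Hardened: use the decoder's length, refuse any embedded NUL, and compare
 * the whole buffer case-insensitively. */
int cn_match_hardened(const char *cn, size_t cn_len, const char *host)
{
    if (memchr(cn, '\0', cn_len) != NULL || cn_len != strlen(host))
        return 0;
    return ci_equal(cn, host, cn_len);
}

struct entity { const char *name; const char *value; };

/* Constructed internal DTD (CVE-2009-2473) cut to four levels; every level
 * multiplies the output by ten. The real attack uses nine or more. */
static const struct entity LAUGHS[] = {
    { "lol",  "lol" },
    { "lol1", "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;" },
    { "lol2", "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;" },
    { "lol3", "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;" },
    { "lol4", "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;" },
    { "rec",  "&rec;" },                  /* self-reference: unbounded recursion */
};
#define N_LAUGHS (sizeof(LAUGHS) / sizeof(LAUGHS[0]))

/* Limits are assumptions for this example, not neon's. */
#define MAX_DEPTH     16
#define MAX_EXPANSION 10000L

static const struct entity *lookup(const char *name, size_t len)
{
    for (size_t i = 0; i < N_LAUGHS; i++)
        if (strlen(LAUGHS[i].name) == len && memcmp(LAUGHS[i].name, name, len) == 0)
            return &LAUGHS[i];
    return NULL;
}

/* Walks replacement text, recursing into &name; references. Returns the byte
 * count of the fully expanded text, or -1 as soon as the depth or the total
 * budget is exceeded, without ever materialising the expansion. */
static long expand(const char *text, int depth, long *budget)
{
    long total = 0;
    if (depth > MAX_DEPTH)
        return -1;
    for (const char *p = text; *p; ) {
        if (*p == '&') {
            const char *end = strchr(p, ';');
            const struct entity *e = end ? lookup(p + 1, (size_t)(end - p - 1)) : NULL;
            long sub = e ? expand(e->value, depth + 1, budget) : -1;
            if (sub < 0)
                return -1;                /* undefined, malformed or over budget */
            total += sub;
            p = end + 1;
        } else {
            if (--*budget < 0)
                return -1;
            total++;
            p++;
        }
    }
    return total;
}

/* Expanded size of a document body, or -1 if the parser should reject it. */
long expanded_size(const char *body)
{
    long budget = MAX_EXPANSION;
    return expand(body, 0, &budget);
}
```

Compile with `cc -std=c99 -Wall example.c` and call the functions: the vulnerable matcher accepts the crafted CN for www.bank.example while the hardened one rejects it, `&lol3;` expands to 3000 bytes, and `&lol4;` and `&rec;` are refused before any expansion is built. neon's actual 0.28.6 change for the expat case is described in the mailing-list post listed in the references.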

Vulnerability Impact:
An attacker holding a CA-issued certificate for a domain they control can
exploit the first issue to impersonate arbitrary SSL servers in a
man-in-the-middle attack, and can exploit the second to make the affected
application exhaust memory or CPU (denial of service).

Affected Software/OS:
neon (WebDAV client library) versions prior to 0.28.6 on Linux.

Solution:
Upgrade to version 0.28.6 or later.

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N

Cross-References: Common Vulnerability Exposure (CVE) ID: CVE-2009-2473
36371
http://secunia.com/advisories/36371
ADV-2009-2341
http://www.vupen.com/english/advisories/2009/2341
APPLE-SA-2010-11-10-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
FEDORA-2009-8794
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00924.html
FEDORA-2009-8815
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00945.html
MDVSA-2009:221
http://www.mandriva.com/security/advisories?name=MDVSA-2009:221
RHSA-2013:0131
http://rhn.redhat.com/errata/RHSA-2013-0131.html
SUSE-SR:2009:018
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
[neon] 20090818 CVE-2009-2473: fix for "billion laughs" attack against expat
http://lists.manyfish.co.uk/pipermail/neon/2009-August/001045.html
[neon] 20090818 neon: release 0.28.6 (SECURITY)
http://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html
http://support.apple.com/kb/HT4435
neon-xml-dos(52633)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52633
oval:org.mitre.oval:def:9461
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9461
Common Vulnerability Exposure (CVE) ID: CVE-2009-2474
36079
http://www.securityfocus.com/bid/36079
36799
http://secunia.com/advisories/36799
USN-835-1
http://www.ubuntu.com/usn/usn-835-1
[neon] 20090818 CVE-2009-2474: fix handling of NUL in SSL cert subject names
http://lists.manyfish.co.uk/pipermail/neon/2009-August/001046.html
oval:org.mitre.oval:def:11721
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11721
Copyright: Copyright (C) 2009 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.