U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2004-0179

Change History

Modified Analysis by NIST 10/13/2020 12:52:07 PM

Action Type Old Value New Value
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Removed CVSS V2
NIST (AV:N/AC:H/Au:N/C:P/I:P/A:P)

								
						
Added CWE

								
							
							
						
NIST CWE-134
Removed CWE
NIST NVD-CWE-Other

								
						
Changed CPE Configuration
OR
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.20.0:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.20.1:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.20.2:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.20.3:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.20.4:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.20.5:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.21.0:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.22.0:*:*:*:*:*:*:*
     *cpe:2.3:a:cadaver:cadaver_webdav_client:0.22.1:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.19.3:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.1:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.2:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.3:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.4:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.5:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.6:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.7:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.23.8:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.24:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.24.1:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.24.2:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.24.3:*:*:*:*:*:*:*
     *cpe:2.3:a:neon:neon_client_library:0.24.4:*:*:*:*:*:*:*
     *cpe:2.3:a:openoffice:openoffice:1.1.2:*:*:*:*:*:*:*
     *cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:webdav:neon:*:*:*:*:*:*:*:* versions from (including) 0.19.0 up to (excluding) 0.24.5
     OR
          cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
          cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
          cpe:2.3:a:webdav:cadaver:*:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
Changed Reference Type
ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc Patch, Vendor Advisory
ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc Broken Link
Changed Reference Type
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html Patch, Vendor Advisory
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html Broken Link
Changed Reference Type
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html Patch, Vendor Advisory
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html Broken Link
Changed Reference Type
http://marc.info/?l=bugtraq&m=108213873203477&w=2 No Types Assigned
http://marc.info/?l=bugtraq&m=108213873203477&w=2 Issue Tracking, Third Party Advisory
Changed Reference Type
http://marc.info/?l=bugtraq&m=108214147022626&w=2 No Types Assigned
http://marc.info/?l=bugtraq&m=108214147022626&w=2 Issue Tracking, Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/11363 Patch, Vendor Advisory
http://secunia.com/advisories/11363 Third Party Advisory
Changed Reference Type
http://security.gentoo.org/glsa/glsa-200405-01.xml Patch, Vendor Advisory
http://security.gentoo.org/glsa/glsa-200405-01.xml Third Party Advisory
Changed Reference Type
http://security.gentoo.org/glsa/glsa-200405-04.xml Patch, Vendor Advisory
http://security.gentoo.org/glsa/glsa-200405-04.xml Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2004/dsa-487 Patch, Vendor Advisory
http://www.debian.org/security/2004/dsa-487 Third Party Advisory
Changed Reference Type
http://www.mandriva.com/security/advisories?name=MDKSA-2004:032 Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2004:032 Third Party Advisory
Changed Reference Type
http://www.osvdb.org/5365 No Types Assigned
http://www.osvdb.org/5365 Broken Link
Changed Reference Type
http://www.redhat.com/support/errata/RHSA-2004-157.html Patch, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2004-157.html Third Party Advisory
Changed Reference Type
http://www.redhat.com/support/errata/RHSA-2004-158.html Patch
http://www.redhat.com/support/errata/RHSA-2004-158.html Third Party Advisory
Changed Reference Type
http://www.redhat.com/support/errata/RHSA-2004-159.html Patch
http://www.redhat.com/support/errata/RHSA-2004-159.html Third Party Advisory
Changed Reference Type
http://www.redhat.com/support/errata/RHSA-2004-160.html Patch
http://www.redhat.com/support/errata/RHSA-2004-160.html Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/10136 No Types Assigned
http://www.securityfocus.com/bid/10136 Third Party Advisory, VDB Entry
Changed Reference Type
https://bugzilla.fedora.us/show_bug.cgi?id=1552 Patch
https://bugzilla.fedora.us/show_bug.cgi?id=1552 Broken Link
Changed Reference Type
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065 No Types Assigned
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065 Third Party Advisory
Changed Reference Type
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913 No Types Assigned
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913 Third Party Advisory
Removed CVSS V2 Metadata
Victim must voluntarily interact with attack mechanism