MitreCVELIST:CVE-2004-0396CVE-2004-0396
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
References
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc
ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc
archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html
cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html
lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html
marc.info/?l=bugtraq&m=108498454829020&w=2
marc.info/?l=bugtraq&m=108500040719512&w=2
marc.info/?l=bugtraq&m=108636445031613&w=2
marc.info/?l=openbsd-security-announce&m=108508894405639&w=2
secunia.com/advisories/11641
secunia.com/advisories/11647
secunia.com/advisories/11651
secunia.com/advisories/11652
secunia.com/advisories/11674
security.e-matters.de/advisories/072004.html
security.gentoo.org/glsa/glsa-200405-12.xml
www.ciac.org/ciac/bulletins/o-147.shtml
www.debian.org/security/2004/dsa-505
www.kb.cert.org/vuls/id/192038
www.mandriva.com/security/advisories?name=MDKSA-2004:048
www.osvdb.org/6305
www.redhat.com/support/errata/RHSA-2004-190.html
www.securityfocus.com/bid/10384
www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865
www.us-cert.gov/cas/techalerts/TA04-147A.html
exchange.xforce.ibmcloud.com/vulnerabilities/16193
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970
Related
