Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0414HistoryAug 06, 2004 - 4:00 a.m.
CVE-2004-0414
2004-08-0604:00:00
Debian Security Bug Tracker
security-tracker.debian.org
9
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.016 Low
EPSS
Percentile
87.6%
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed “Entry” lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
| Debian | 11 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
| Debian | 999 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
| Debian | 13 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2004-0414
2004-08-06 00:00:00
cve
cve
CVE-2004-0414
2004-08-06 04:00:00
nvd
nvd
CVE-2004-0414
2004-08-06 04:00:00
openvas
openvas
Debian Security Advisory DSA 517-1 (cvs)
2008-01-17 00:00:00
Debian Security Advisory DSA 517-1 (cvs)
2008-01-17 00:00:00
CVS malformed entry lines flaw
2005-11-03 00:00:00
cvelist
cvelist
CVE-2004-0414
2004-06-11 04:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package cvs version 1.11.15-alt3
2004-05-25 00:00:00
Security fix for the ALT Linux 5 package cvs version 1.11.15-alt4
2004-06-08 00:00:00
debian
debian
[SECURITY] [DSA 517-1] New CVS packages fix buffer overflow
2004-06-10 10:00:39
[SECURITY] [DSA 517-1] New CVS packages fix buffer overflow
2004-06-10 10:00:39
osv
osv
cvs - buffer overflow
2004-06-10 00:00:00
nessus
nessus
GLSA-200406-06 : CVS: additional DoS and arbitrary code execution vulnerabilities
2004-08-30 00:00:00
Slackware 8.1 / 9.0 / 9.1 / current : cvs (SSA:2004-161-01)
2005-07-13 00:00:00
Mandrake Linux Security Advisory : cvs (MDKSA-2004:058)
2004-07-31 00:00:00
securityvulns
securityvulns
[Full-Disclosure] Advisory 09/2004: More CVS remote vulnerabilities
2004-06-09 00:00:00
gentoo
gentoo
CVS: additional DoS and arbitrary code execution vulnerabilities
2004-06-10 00:00:00
slackware
slackware
cvs
2004-06-09 14:05:46
redhat
redhat
(RHSA-2004:233) cvs security update
2004-06-09 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:14.cvs
2004-09-19 00:00:00
freebsd
freebsd
cvs -- numerous vulnerabilities
2004-05-20 00:00:00
suse
suse
remote command execution in cvs
2004-06-09 13:52:11
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.016 Low
EPSS
Percentile
87.6%
Related for DEBIANCVE:CVE-2004-0414