Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0418HistoryAug 06, 2004 - 4:00 a.m.
CVE-2004-0418
2004-08-0604:00:00
Debian Security Bug Tracker
security-tracker.debian.org
11
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.761 High
EPSS
Percentile
98.2%
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an “out-of-bounds” write for a single byte to execute arbitrary code or modify critical program data.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
| Debian | 11 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
| Debian | 999 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
| Debian | 13 | all | cvs | < 1:1.12.9-1 | cvs_1:1.12.9-1_all.deb |
Related
cve
cve
CVE-2004-0418
2004-08-06 04:00:00
ubuntucve
ubuntucve
CVE-2004-0418
2004-08-06 00:00:00
nvd
nvd
CVE-2004-0418
2004-08-06 04:00:00
cvelist
cvelist
CVE-2004-0418
2004-06-11 04:00:00
openvas
openvas
Debian Security Advisory DSA 519-1 (cvs)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-519)
2008-01-17 00:00:00
CVS malformed entry lines flaw
2005-11-03 00:00:00
debian
debian
osv
osv
cvs - several vulnerabilities
2004-06-15 00:00:00
nessus
nessus
Debian DSA-517-1 : cvs - buffer overflow
2004-09-29 00:00:00
Fedora Core 2 : cvs-1.11.17-2 (2004-170)
2004-07-23 00:00:00
Slackware 8.1 / 9.0 / 9.1 / current : cvs (SSA:2004-161-01)
2005-07-13 00:00:00
gentoo
gentoo
CVS: additional DoS and arbitrary code execution vulnerabilities
2004-06-10 00:00:00
slackware
slackware
cvs
2004-06-09 14:05:46
securityvulns
securityvulns
[Full-Disclosure] Advisory 09/2004: More CVS remote vulnerabilities
2004-06-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package cvs version 1.11.15-alt4
2004-06-08 00:00:00
freebsd
freebsd
cvs -- numerous vulnerabilities
2004-05-20 00:00:00
redhat
redhat
(RHSA-2004:233) cvs security update
2004-06-09 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:14.cvs
2004-09-19 00:00:00
suse
suse
remote command execution in cvs
2004-06-09 13:52:11
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.761 High
EPSS
Percentile
98.2%
Related for DEBIANCVE:CVE-2004-0418