Immunity Canvas: PSERVERD

2004-06-14T00:00:00
ID PSERVERD
Type canvas
Reporter Immunity Canvas
Modified 2004-06-14T00:00:00

Description

Name| pserverd
---|---
CVE| CVE-2004-0396
Exploit Pack| CANVAS
Description| CVS pserverd
Notes| CVE Name: CVE-2004-0396
VENDOR: nongnu.org
Notes:
This overflow impacts CVS feature versions 1.12.7 and earlier, and
stable versions
1.11.15 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396).

ab note: cvsd running as root setuid's to login user .. so if you add a
root:cryptpass combo to the CVSROOT/passwd file .. then re-own for the
root user .. will get you a root shell. \o/

Date public: 03/2004
CERT Advisory:
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396
CVSS: 7.5