Lucene search

MitreCVELIST:CVE-2004-0180

HistoryApr 16, 2004 - 4:00 a.m.

CVE-2004-0180

2004-04-1604:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.5%

JSON

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch

ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc

marc.info/?l=bugtraq&m=108636445031613&w=2

secunia.com/advisories/11368

secunia.com/advisories/11371

secunia.com/advisories/11374

secunia.com/advisories/11375

secunia.com/advisories/11377

secunia.com/advisories/11380

secunia.com/advisories/11391

secunia.com/advisories/11400

secunia.com/advisories/11405

secunia.com/advisories/11548

security.gentoo.org/glsa/glsa-200404-13.xml

www.debian.org/security/2004/dsa-486

www.mandriva.com/security/advisories?name=MDKSA-2004:028

www.redhat.com/support/errata/RHSA-2004-153.html

www.redhat.com/support/errata/RHSA-2004-154.html

www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181

exchange.xforce.ibmcloud.com/vulnerabilities/15864

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462