Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0396HistoryJun 14, 2004 - 4:00 a.m.
CVE-2004-0396
2004-06-1404:00:00
Debian Security Bug Tracker
security-tracker.debian.org
14
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.97 High
EPSS
Percentile
99.7%
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cvs | < 1:1.12.5-6 | cvs_1:1.12.5-6_all.deb |
| Debian | 11 | all | cvs | < 1:1.12.5-6 | cvs_1:1.12.5-6_all.deb |
| Debian | 10 | all | cvs | < 1:1.12.5-6 | cvs_1:1.12.5-6_all.deb |
| Debian | 999 | all | cvs | < 1:1.12.5-6 | cvs_1:1.12.5-6_all.deb |
| Debian | 13 | all | cvs | < 1:1.12.5-6 | cvs_1:1.12.5-6_all.deb |
Related
osv
osv
cvs - heap overflow
2004-05-19 00:00:00
securityvulns
securityvulns
Advisory 07/2004: CVS remote vulnerability
2004-05-19 00:00:00
nessus
nessus
Fedora Core 2 : cvs-1.11.15-6 (2004-131)
2004-07-23 00:00:00
GLSA-200405-12 : CVS heap overflow vulnerability
2004-08-30 00:00:00
CVS pserver Line Entry Handling Overflow
2004-05-19 00:00:00
openvas
openvas
Debian Security Advisory DSA 505-1 (cvs)
2008-01-17 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-04:10.cvs.asc)
2008-09-04 00:00:00
Slackware Advisory SSA:2004-140-01 cvs
2012-09-11 00:00:00
debian
debian
[SECURITY] [DSA 505-1] New cvs packages fix remote exploit
2004-05-19 08:58:27
[SECURITY] [DSA 505-1] New cvs packages fix remote exploit
2004-05-19 08:58:27
ubuntucve
ubuntucve
CVE-2004-0396
2004-06-14 00:00:00
canvas
canvas
Immunity Canvas: PSERVERD
2004-06-14 04:00:00
checkpoint_advisories
checkpoint_advisories
CVS Entry Line Flag Remote Heap Overflow - Ver2 (CVE-2004-0396)
2014-12-28 00:00:00
CVS Entry Line Flag Remote Heap Overflow - Ver2 (CVE-2004-0396)
2014-12-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package cvs version 1.11.15-alt2
2004-05-10 00:00:00
slackware
slackware
cvs
2004-05-19 19:14:49
freebsd
freebsd
cvs pserver remote heap buffer overflow
2004-05-02 00:00:00
redhat
redhat
(RHSA-2004:190) cvs security update
2004-05-19 00:00:00
cve
cve
CVE-2004-0396
2004-06-14 04:00:00
cert
cert
CVS contains a heap overflow in the handling of flag insertion
2004-05-19 00:00:00
gentoo
gentoo
CVS heap overflow vulnerability
2004-05-20 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:10.cvs
2004-05-19 00:00:00
suse
suse
remote command execution in cvs
2004-05-19 11:10:20
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.97 High
EPSS
Percentile
99.7%
Related for DEBIANCVE:CVE-2004-0396