Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-0915
HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-0915

2005-01-1005:00:00
[email protected]
web.nvd.nist.gov
5

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

66.2%

JSON

Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.

Affected configurations

Nvd
Node
viewcvsviewcvsMatch0.9.2
Node
debiandebian_linuxMatch3.0
OR
debiandebian_linuxMatch3.0alpha
OR
debiandebian_linuxMatch3.0arm
OR
debiandebian_linuxMatch3.0hppa
OR
debiandebian_linuxMatch3.0ia-32
OR
debiandebian_linuxMatch3.0ia-64
OR
debiandebian_linuxMatch3.0m68k
OR
debiandebian_linuxMatch3.0mips
OR
debiandebian_linuxMatch3.0mipsel
OR
debiandebian_linuxMatch3.0ppc
OR
debiandebian_linuxMatch3.0s-390
OR
debiandebian_linuxMatch3.0sparc
VendorProductVersionCPE
viewcvsviewcvs0.9.2cpe:2.3:a:viewcvs:viewcvs:0.9.2:*:*:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
Rows per page:
1-10 of 131

Related

nessus 3
freebsd 1
openvas 6
debian 2
ubuntucve 1
securityvulns 1
cvelist 1
cve 1
osv 1
gentoo 1
nessus
nessus
Debian DSA-605-1 : viewcvs - settings not honored
2004-12-06 00:00:00
FreeBSD : viewcvs -- information leakage (323784cf-48a6-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
GLSA-200412-26 : ViewCVS: Information leak and XSS vulnerabilities
2004-12-28 00:00:00
freebsd
freebsd
viewcvs -- information leakage
2004-11-25 00:00:00
openvas
openvas
FreeBSD Ports: viewcvs
2008-09-04 00:00:00
Debian Security Advisory DSA 605-1 (viewcvs)
2008-01-17 00:00:00
FreeBSD Ports: viewcvs
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 605-1] New viewcvs packages fix information leak
2004-12-06 10:18:18
[SECURITY] [DSA 605-1] New viewcvs packages fix information leak
2004-12-06 10:18:18
ubuntucve
ubuntucve
CVE-2004-0915
2005-01-10 00:00:00
securityvulns
securityvulns
[Full-Disclosure] [SECURITY] [DSA 605-1] New viewcvs packages fix information leak
2004-12-06 00:00:00
cvelist
cvelist
CVE-2004-0915
2004-12-10 05:00:00
cve
cve
CVE-2004-0915
2005-01-10 05:00:00
osv
osv
viewcvs - settings not honored
2004-12-06 00:00:00
gentoo
gentoo
ViewCVS: Information leak and XSS vulnerabilities
2004-12-28 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

66.2%

JSON
Related for NVD:CVE-2004-0915
nessus3freebsd1openvas6debian2ubuntucve1securityvulns1cvelist1cve1osv1gentoo1