31 matches found
security flaw
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code...
DEBIAN-CVE-2005-0753
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code...
DEBIAN-CVE-2004-1343
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service server crash...
DEBIAN-CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a wrapper line...
PT-2004-1852 · Cvs · Cvs
Name of the Vulnerable Software and Affected Versions: CVS versions 1.11.x through 1.11.16 CVS versions 1.12.x through 1.12.8 Description: The issue allows remote attackers to determine the existence of arbitrary files and directories. This is achieved via the -X command for an alternate history...
security flaw
Double free vulnerability for the errorprogname string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code...
DEBIAN-CVE-2004-0405
CVS before 1.11 allows CVS clients to read arbitrary files via .. dot dot sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...
DEBIAN-CVE-2004-0180
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
security flaw
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
security flaw
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...
DEBIAN-CVE-2003-0977
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...