FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0396

This CVE name corresponds to:

Entered Topic
2004-05-19 cvs pserver remote heap buffer overflow

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0396 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0396
Phase Assigned(20040413)

Description

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

References

Source Reference
BUGTRAQ 20040519 Advisory 07/2004: CVS remote vulnerability
FULLDISC 20040519 Advisory 07/2004: CVS remote vulnerability
MISC http://security.e-matters.de/advisories/072004.html
CERT TA04-147A
CERT-VN VU#192038
OPENBSD 20040520 cvs server buffer overflow vulnerability
DEBIAN DSA-505
FEDORA FEDORA-2004-1620
FREEBSD FreeBSD-SA-04:10
GENTOO GLSA-200405-12
MANDRAKE MDKSA-2004:048
NETBSD NetBSD-SA2004-008
REDHAT RHSA-2004:190
SLACKWARE SSA:2004-140-01
SUSE SuSE-SA:2004:013
BUGTRAQ 20040519 Advisory 07/2004: CVS remote vulnerability
BUGTRAQ 20040519 [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs)
CIAC O-147
BID 10384
OVAL oval:org.mitre.oval:def:9058
SECUNIA 11641
SECUNIA 11647
SECUNIA 11651
SECUNIA 11652
SECUNIA 11674
OSVDB 6305
OVAL oval:org.mitre.oval:def:970
XF cvs-entry-line-bo(16193)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.