Vulnerabilites related to cvs - cvs
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/1523 | Exploit, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1523 | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org | Exploit, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.", }, ], id: "CVE-2000-0679", lastModified: "2024-11-20T23:33:02.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-10-20T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/1523", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/1523", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "766053F7-A174-4716-BF49-76B50FC79FD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "C7D2623F-167A-4976-B757-DAC4CCFAFE64", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", matchCriteriaId: "FAEC4477-D040-450E-A850-8B03C937A600", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", matchCriteriaId: "2848AA51-9AF1-448D-955F-50B5203F7229", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", matchCriteriaId: "7B66BE64-E340-4777-B877-483FEAA66988", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", matchCriteriaId: "F74941A0-97CA-44D4-B55B-9224F051D40F", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", matchCriteriaId: "46B96764-9241-4586-9FA5-77D8D8EBE3BD", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", matchCriteriaId: "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", matchCriteriaId: "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.", }, { lang: "es", value: "Vulnerabilidad de doble liberación en la cadena error_prog_name en CVS 1.12.x a 1.12.8, y 1.11.x a 1.11.16, puede permitir a atacantes remotos ejecutar código arbitrario.", }, ], id: "CVE-2004-0416", lastModified: "2024-11-20T23:48:32.687", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-06T04:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "cve@mitre.org", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "cve@mitre.org", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-519", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-519", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "766053F7-A174-4716-BF49-76B50FC79FD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "C7D2623F-167A-4976-B757-DAC4CCFAFE64", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", matchCriteriaId: "FAEC4477-D040-450E-A850-8B03C937A600", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", matchCriteriaId: "2848AA51-9AF1-448D-955F-50B5203F7229", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", matchCriteriaId: "7B66BE64-E340-4777-B877-483FEAA66988", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", matchCriteriaId: "46B96764-9241-4586-9FA5-77D8D8EBE3BD", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", matchCriteriaId: "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*", matchCriteriaId: "D342447B-5233-45FD-B1CF-8D84921402AD", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C496B665-70DA-4B98-A5D1-E2935C0CE840", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", matchCriteriaId: "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "34797660-41F5-4358-B70F-2A40DE48F182", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "27C9E23D-AB82-4AE1-873E-C5493BB96AA1", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", matchCriteriaId: "4054D69F-596F-4EB4-BE9A-E2478343F55A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", matchCriteriaId: "CA26ABBE-9973-45FA-9E9B-82170B751219", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "7891202C-62AF-4590-9E5F-3514FDA2B38E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "BF8F9B2F-E898-4F87-A245-32A41748587B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", matchCriteriaId: "183667CA-6DF1-4BFB-AE32-9ABF55B7283A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", matchCriteriaId: "EBDDEC3F-52EB-4E1E-84C4-B472600059EC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", matchCriteriaId: "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", matchCriteriaId: "314BA420-4C74-4060-8ACE-D7A7C041CF2B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", matchCriteriaId: "2EAD7613-A5B3-4621-B981-290C7C6B8BA0", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EE38C50A-81FE-412E-9717-3672FAE6A6F4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*", matchCriteriaId: "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", matchCriteriaId: "263F3734-7076-4EA8-B4C0-F37CFC4E979E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", matchCriteriaId: "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "B982342C-1981-4C55-8044-AFE4D87623DF", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "47E02BE6-4800-4940-B269-385B66AC5077", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*", matchCriteriaId: "0EB09993-B837-4352-B09D-3656F62638A8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", matchCriteriaId: "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*", matchCriteriaId: "0361EA35-FBD7-4E8F-8625-C8100ED7BB7C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*", matchCriteriaId: "29EAA113-2404-4ABB-826B-3AA2AA858D02", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", matchCriteriaId: "D0A585A1-FF82-418F-90F8-072458DB7816", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", matchCriteriaId: "E3F7EB61-55A5-4776-B0E7-3508920A6CEA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", matchCriteriaId: "A442DE97-4485-4D95-B95D-58947585E455", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AE31DFF8-06AB-489D-A0C5-509C090283B5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*", matchCriteriaId: "1E8A6564-129A-4555-A5ED-6F65C56AE7B4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", matchCriteriaId: "237174A4-E030-4A0B-AD0B-5C463603EAA4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", matchCriteriaId: "DF49BF03-C25E-4737-84D5-892895C86C58", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*", matchCriteriaId: "5D7F8F11-1869-40E2-8478-28B4E946D3CC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", matchCriteriaId: "D2019E0E-426B-43AF-8904-1B811AE171E8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*", matchCriteriaId: "9062BAB5-D437-49BE-A384-39F62434B70B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*", matchCriteriaId: "3BA1504C-14FE-4C21-A801-944041F2946F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*", matchCriteriaId: "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*", matchCriteriaId: "6E53C673-9D6D-42C8-A502-033E1FC28D97", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", matchCriteriaId: "55C5FC1A-1253-4390-A4FC-573BB14EA937", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*", matchCriteriaId: "6F4AC452-6042-409D-8673-ACAD108EE3B5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*", matchCriteriaId: "2FE1009B-371A-48E2-A456-935A1F0B7D0D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*", matchCriteriaId: "C844A170-B5A7-4703-AF3B-67366D44EA8B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", matchCriteriaId: "44308D13-D935-4FF8-AB52-F0E115ED1AD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*", matchCriteriaId: "3D41CB12-7894-4D25-80EC-23C56171D973", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*", matchCriteriaId: "9BCD9C12-EDAB-473F-9CC5-04F06B413720", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*", matchCriteriaId: "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*", matchCriteriaId: "09789843-6A1A-4CDB-97E8-89E82B79DDB5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", matchCriteriaId: "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*", matchCriteriaId: "118211EF-CED7-4EB5-9669-F54C8169D4AE", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*", matchCriteriaId: "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*", matchCriteriaId: "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*", matchCriteriaId: "9A405AE2-ECC4-4BB0-80DD-4736394FB217", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*", matchCriteriaId: "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", matchCriteriaId: "B86C77AB-B8FF-4376-9B4E-C88417396F3D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*", matchCriteriaId: "E5612FB0-8403-4A7E-B89A-D7BDFAC00078", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*", matchCriteriaId: "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*", matchCriteriaId: "AFDA151E-E614-4A24-A34D-B6D5309110CC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*", matchCriteriaId: "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*", matchCriteriaId: "09BFA20B-2F31-4246-8F74-63DF1DB884EE", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*", matchCriteriaId: "5F3B4BA2-8A61-4F9A-8E46-7FA80E7F5514", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*", matchCriteriaId: "4AE93D3D-34B4-47B7-A784-61F4479FF5A2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*", matchCriteriaId: "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*", matchCriteriaId: "9FFD9D1C-A459-47AD-BC62-15631417A32F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*", matchCriteriaId: "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*", matchCriteriaId: "43E84296-9B5C-4623-A2C4-431D76FC2765", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", matchCriteriaId: "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*", matchCriteriaId: "3B13D898-C1B6-44B9-8432-7DDB8A380E9E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*", matchCriteriaId: "51A612F6-E4EB-4E34-8F55-79E16C74758E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*", matchCriteriaId: "5C19B266-8FE7-49ED-8678-2D522257491D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*", matchCriteriaId: "15C4D826-A419-45F5-B91C-1445DB480916", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*", matchCriteriaId: "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*", matchCriteriaId: "8E4BC012-ADE4-468F-9A25-261CD8055694", vulnerable: true, }, { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:current:*:*:*:*:*:*:*", matchCriteriaId: "0370727F-1E37-4B82-8969-A2AC644632E8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.", }, ], evaluatorImpact: "Failed exploit attempts will likely cause a denial of service condition.", id: "CVE-2004-1471", lastModified: "2024-11-20T23:50:57.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "cve@mitre.org", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/10499", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/10499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:*:*:*:*:*:*:*:*", matchCriteriaId: "3F6FCAEE-A0CB-4D8C-A160-F7A1247E9A64", versionEndIncluding: "1.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.", }, ], id: "CVE-2004-0180", lastModified: "2024-11-20T23:47:56.730", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2004-06-01T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { source: "cve@mitre.org", url: "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11368", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11371", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11374", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11375", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11377", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11380", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11391", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11400", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11405", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11548", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-486", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:028", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-153.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-154.html", }, { source: "cve@mitre.org", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15864", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11374", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11377", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11400", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11405", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11548", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-486", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:028", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-153.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-154.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/1524 | Exploit, Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1524 | Exploit, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org | Exploit, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.", }, ], id: "CVE-2000-0680", lastModified: "2024-11-20T23:33:03.103", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-10-20T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/1524", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/1524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.debian.org/security/2005/dsa-715 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-715 | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10:*:*:*:*:*:*:*", matchCriteriaId: "BEA94DE3-B1DA-40CC-BD60-291B0563500F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "A305C6F7-35DA-48E2-B345-14671629226D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12:*:*:*:*:*:*:*", matchCriteriaId: "36BFAB00-58EA-43B7-93FB-874EF4104C5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).", }, ], id: "CVE-2004-1343", lastModified: "2024-11-20T23:50:39.053", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2005/dsa-715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2005/dsa-715", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10:*:*:*:*:*:*:*", matchCriteriaId: "BEA94DE3-B1DA-40CC-BD60-291B0563500F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "A305C6F7-35DA-48E2-B345-14671629226D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.", }, ], id: "CVE-2005-0753", lastModified: "2024-11-20T23:55:49.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-04-18T04:00:00.000", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://bugs.gentoo.org/attachment.cgi?id=54352&action=view", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/14976/", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-742", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_24_cvs.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2005-387.html", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20148", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://bugs.gentoo.org/attachment.cgi?id=54352&action=view", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/14976/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-742", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_24_cvs.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2005-387.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.12.12:*:*:*:*:*:*:*", matchCriteriaId: "172E2DD8-4493-486E-AE72-A19ED2BE5EDA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.", }, ], id: "CVE-2005-2693", lastModified: "2024-11-21T00:00:10.097", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-08-26T15:50:00.000", references: [ { source: "secalert@redhat.com", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/16765", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1014857", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-802", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-806", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-756.html", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2005/1667", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/16765", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1014857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-802", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-806", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-756.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/1667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835", }, ], sourceIdentifier: "secalert@redhat.com", vendorComments: [ { comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12:*:*:*:*:*:*:*", matchCriteriaId: "36BFAB00-58EA-43B7-93FB-874EF4104C5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la funcion proxy_connect en src/client.c en CVS v1.11 y v1.12 permite a los servidores proxy HTTP remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una respuesta HTTP manipulada.", }, ], id: "CVE-2012-0804", lastModified: "2024-11-21T01:35:45.457", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-05-29T20:55:06.867", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2012-0321.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/47869", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/48063", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/48142", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/48150", }, { source: "secalert@redhat.com", url: "http://ubuntu.com/usn/usn-1371-1", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2012/dsa-2407", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:044", }, { source: "secalert@redhat.com", url: "http://www.osvdb.org/78987", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/51943", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id?1026719", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=784141", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/73097", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201701-44", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2012-0321.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/47869", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/48063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/48142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/48150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ubuntu.com/usn/usn-1371-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2012/dsa-2407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/78987", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/51943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1026719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=784141", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/73097", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-44", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "766053F7-A174-4716-BF49-76B50FC79FD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "C7D2623F-167A-4976-B757-DAC4CCFAFE64", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", matchCriteriaId: "FAEC4477-D040-450E-A850-8B03C937A600", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", matchCriteriaId: "2848AA51-9AF1-448D-955F-50B5203F7229", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", matchCriteriaId: "7B66BE64-E340-4777-B877-483FEAA66988", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", matchCriteriaId: "F74941A0-97CA-44D4-B55B-9224F051D40F", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", matchCriteriaId: "46B96764-9241-4586-9FA5-77D8D8EBE3BD", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", matchCriteriaId: "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", matchCriteriaId: "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.", }, { lang: "es", value: "CVS 1.12.z a 1.12.8, y 1.11.x a 1.11.16, no maneja adecuadamente líneas \"Entry\" malformadas, lo que impide que un terminador NULL sea usado y puede conducir a una denegación de servicio (caída), modificación de datos de programa críticos, o ejecución de código arbitrario.", }, ], id: "CVE-2004-0414", lastModified: "2024-11-20T23:48:32.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-06T04:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "cve@mitre.org", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "cve@mitre.org", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-517", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:*:*:*:*:*:*:*:*", matchCriteriaId: "3F6FCAEE-A0CB-4D8C-A160-F7A1247E9A64", versionEndIncluding: "1.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.", }, ], id: "CVE-2004-0405", lastModified: "2024-11-20T23:48:31.147", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-06-01T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-486", }, { source: "cve@mitre.org", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15891", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-486", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15891", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*", matchCriteriaId: "57F41B40-75E6-45C8-A5FB-8464C0B2D064", vulnerable: true, }, { criteria: "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "300A6A65-05FD-401C-80F6-B5F5B1F056E0", vulnerable: true, }, { criteria: "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.", }, { lang: "es", value: "Vulnerabilidad desconocida en servidores CVS anteriores a 1.11.10 puede permitir a atacantes causar que el servidor CVS cree directorios y ficheros en el directorio raíz del sistema de ficheros.", }, ], id: "CVE-2003-0977", lastModified: "2024-11-20T23:46:01.820", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-01-05T05:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1", }, { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=107168035515554&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=107540163908129&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/10601", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-422", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-003.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-004.html", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=107168035515554&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=107540163908129&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/10601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-422", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12:*:*:*:*:*:*:*", matchCriteriaId: "36BFAB00-58EA-43B7-93FB-874EF4104C5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.", }, { lang: "es", value: "Desbordamiento basado en la pila en CVS 1.11.X a 1.11.5 y 1.12. a 1.12.7, cuando se usa el mecanismo pserver, permite a atacantes remotos ejecutar código arbitrario mediante lineas de Entradas.", }, ], id: "CVE-2004-0396", lastModified: "2024-11-20T23:48:29.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-06-14T04:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc", }, { source: "cve@mitre.org", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html", }, { source: "cve@mitre.org", url: "http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html", }, { source: "cve@mitre.org", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108498454829020&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108500040719512&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11641", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11647", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11651", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11652", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11674", }, { source: "cve@mitre.org", url: "http://security.e-matters.de/advisories/072004.html", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200405-12.xml", }, { source: "cve@mitre.org", url: "http://www.ciac.org/ciac/bulletins/o-147.shtml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-505", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/192038", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:048", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/6305", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-190.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/10384", }, { source: "cve@mitre.org", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-147A.html", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16193", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108498454829020&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108500040719512&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11641", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11647", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11651", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11674", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.e-matters.de/advisories/072004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200405-12.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ciac.org/ciac/bulletins/o-147.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/192038", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:048", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/6305", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-190.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/10384", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-147A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "766053F7-A174-4716-BF49-76B50FC79FD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "C7D2623F-167A-4976-B757-DAC4CCFAFE64", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", matchCriteriaId: "FAEC4477-D040-450E-A850-8B03C937A600", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", matchCriteriaId: "2848AA51-9AF1-448D-955F-50B5203F7229", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", matchCriteriaId: "7B66BE64-E340-4777-B877-483FEAA66988", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", matchCriteriaId: "F74941A0-97CA-44D4-B55B-9224F051D40F", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", matchCriteriaId: "46B96764-9241-4586-9FA5-77D8D8EBE3BD", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", matchCriteriaId: "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", matchCriteriaId: "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data.", }, { lang: "es", value: "serve_notify en CVS 1.12.x a 1.12.8 y 1.11.x a 1.11.16 no maneja adecuadamente líneas de datos vacías, lo que puede permitir a atacantes remotos realizar una escritura \"fuera de límites\" en un solo byte para ejecutar código arbitrario o modificar datos críticos del programa.", }, ], id: "CVE-2004-0418", lastModified: "2024-11-20T23:48:33.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-06T04:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "cve@mitre.org", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "cve@mitre.org", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-519", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-519", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", matchCriteriaId: "55C5FC1A-1253-4390-A4FC-573BB14EA937", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", matchCriteriaId: "44308D13-D935-4FF8-AB52-F0E115ED1AD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", matchCriteriaId: "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", matchCriteriaId: "B86C77AB-B8FF-4376-9B4E-C88417396F3D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", matchCriteriaId: "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1p1:*:*:*:*:*:*:*", matchCriteriaId: "DEA5C320-0306-4A15-9AB0-4DCD01F103DF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.", }, { lang: "es", value: "Vulnerabilidad de doble liberación de memoria en CVS 1.11.4 y anteriores permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante una petición de de directorio mal formada, como ha sido demostrado evitando las comprobaciones de escritura para ejecutar los comandos Update-prog y Checkin-prog.", }, ], id: "CVE-2003-0015", lastModified: "2024-11-20T23:43:44.333", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-02-07T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104333092200589&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104342550612736&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104428571204468&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104438807203491&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2003-013.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.e-matters.de/advisories/012003.html", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2003-02.html", }, { source: "cve@mitre.org", url: "http://www.ciac.org/ciac/bulletins/n-032.shtml", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2003/dsa-233", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/650937", }, { source: "cve@mitre.org", url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-012.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/6650", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/11108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104333092200589&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104342550612736&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104428571204468&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104438807203491&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2003-013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.e-matters.de/advisories/012003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2003-02.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ciac.org/ciac/bulletins/n-032.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2003/dsa-233", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/650937", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/6650", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/11108", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.debian.org/security/2005/dsa-715 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-715 | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10:*:*:*:*:*:*:*", matchCriteriaId: "BEA94DE3-B1DA-40CC-BD60-291B0563500F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "A305C6F7-35DA-48E2-B345-14671629226D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12:*:*:*:*:*:*:*", matchCriteriaId: "36BFAB00-58EA-43B7-93FB-874EF4104C5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.", }, ], id: "CVE-2004-1342", lastModified: "2024-11-20T23:50:38.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-04-27T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2005/dsa-715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2005/dsa-715", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "62135DD0-140D-42C2-9302-31B5E2DE1A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", matchCriteriaId: "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "37B53C85-AA0E-40DD-B477-058586197714", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", matchCriteriaId: "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9D0DCF26-59A8-46AC-99D7-97C203A0D702", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "9D2748A8-5047-4338-A08E-986497AE4B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", matchCriteriaId: "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", matchCriteriaId: "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", matchCriteriaId: "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", matchCriteriaId: "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", matchCriteriaId: "D1163535-583A-4504-BE7B-8919143CDF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "766053F7-A174-4716-BF49-76B50FC79FD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "C7D2623F-167A-4976-B757-DAC4CCFAFE64", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", matchCriteriaId: "FAEC4477-D040-450E-A850-8B03C937A600", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", matchCriteriaId: "2848AA51-9AF1-448D-955F-50B5203F7229", vulnerable: true, }, { criteria: "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", matchCriteriaId: "7B66BE64-E340-4777-B877-483FEAA66988", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", matchCriteriaId: "F74941A0-97CA-44D4-B55B-9224F051D40F", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", matchCriteriaId: "46B96764-9241-4586-9FA5-77D8D8EBE3BD", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", matchCriteriaId: "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", matchCriteriaId: "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.", }, { lang: "es", value: "Desobordamiento de enteros en la orden de protocolo CVS \"Max-dotdot\" (serve_max_dotdot) en CVS 1.12.x a 1.12.8 y 1.11.x a 1.11.16 puede permitir a atacantes remotos causar una caída del servidor, lo que podría hacer que datos temporales permanezcan sin detectar y consumir espacio en disco.", }, ], id: "CVE-2004-0417", lastModified: "2024-11-20T23:48:32.843", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-06T04:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "cve@mitre.org", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "cve@mitre.org", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-519", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.e-matters.de/advisories/092004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-519", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cvs:cvs:*:*:*:*:*:*:*:*", matchCriteriaId: "8716B52E-5846-4A35-A12B-001DCFBE92A0", versionEndIncluding: "1.10.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.", }, { lang: "es", value: "CVS anteriores a 1.10.8 no inicializa adecudamente una variable global, lo que permite a atacantes remotos causar una denegación de servicio (caída del servidor) mediante la capacidad diff.", }, ], id: "CVE-2002-0092", lastModified: "2024-11-20T23:38:17.527", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-03-15T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=vuln-dev&m=101422243817321&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=vuln-dev&m=101433077724524&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2002/dsa-117", }, { source: "cve@mitre.org", url: "http://www.iss.net/security_center/static/8366.php", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2002-026.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/4234", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=vuln-dev&m=101422243817321&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=vuln-dev&m=101433077724524&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2002/dsa-117", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.iss.net/security_center/static/8366.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2002-026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/4234", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2004-0180
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:10:03.820Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "11548", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11548", }, { name: "oval:org.mitre.oval:def:1042", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042", }, { name: "oval:org.mitre.oval:def:9462", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462", }, { name: "11400", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11400", }, { name: "11375", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11375", }, { name: "DSA-486", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-486", }, { name: "MDKSA-2004:028", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:028", }, { name: "11368", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11368", }, { name: "11380", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11380", }, { name: "cvs-rcs-create-files(15864)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15864", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch", }, { name: "SSA:2004-108-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { name: "20040404-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { name: "FreeBSD-SA-04:07", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { name: "11374", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11374", }, { name: "11377", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11377", }, { name: "GLSA-200404-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { name: "11371", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11371", }, { name: "RHSA-2004:153", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-153.html", }, { name: "FEDORA-2004-1620", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { name: "11405", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11405", }, { name: "RHSA-2004:154", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-154.html", }, { name: "11391", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11391", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-04-14T00:00:00", descriptions: [ { lang: "en", value: "The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "11548", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11548", }, { name: "oval:org.mitre.oval:def:1042", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042", }, { name: "oval:org.mitre.oval:def:9462", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462", }, { name: "11400", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11400", }, { name: "11375", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11375", }, { name: "DSA-486", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-486", }, { name: "MDKSA-2004:028", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:028", }, { name: "11368", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11368", }, { name: "11380", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11380", }, { name: "cvs-rcs-create-files(15864)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15864", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch", }, { name: "SSA:2004-108-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { name: "20040404-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { name: "FreeBSD-SA-04:07", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { name: "11374", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11374", }, { name: "11377", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11377", }, { name: "GLSA-200404-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { name: "11371", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11371", }, { name: "RHSA-2004:153", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-153.html", }, { name: "FEDORA-2004-1620", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { name: "11405", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11405", }, { name: "RHSA-2004:154", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-154.html", }, { name: "11391", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11391", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0180", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "11548", refsource: "SECUNIA", url: "http://secunia.com/advisories/11548", }, { name: "oval:org.mitre.oval:def:1042", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042", }, { name: "oval:org.mitre.oval:def:9462", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462", }, { name: "11400", refsource: "SECUNIA", url: "http://secunia.com/advisories/11400", }, { name: "11375", refsource: "SECUNIA", url: "http://secunia.com/advisories/11375", }, { name: "DSA-486", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-486", }, { name: "MDKSA-2004:028", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:028", }, { name: "11368", refsource: "SECUNIA", url: "http://secunia.com/advisories/11368", }, { name: "11380", refsource: "SECUNIA", url: "http://secunia.com/advisories/11380", }, { name: "cvs-rcs-create-files(15864)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15864", }, { name: "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch", refsource: "CONFIRM", url: "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch", }, { name: "SSA:2004-108-02", refsource: "SLACKWARE", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { name: "20040404-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { name: "FreeBSD-SA-04:07", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { name: "11374", refsource: "SECUNIA", url: "http://secunia.com/advisories/11374", }, { name: "11377", refsource: "SECUNIA", url: "http://secunia.com/advisories/11377", }, { name: "GLSA-200404-13", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { name: "11371", refsource: "SECUNIA", url: "http://secunia.com/advisories/11371", }, { name: "RHSA-2004:153", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-153.html", }, { name: "FEDORA-2004-1620", refsource: "FEDORA", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { name: "11405", refsource: "SECUNIA", url: "http://secunia.com/advisories/11405", }, { name: "RHSA-2004:154", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-154.html", }, { name: "11391", refsource: "SECUNIA", url: "http://secunia.com/advisories/11391", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0180", datePublished: "2004-04-16T04:00:00", dateReserved: "2004-02-25T00:00:00", dateUpdated: "2024-08-08T00:10:03.820Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0679
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1523 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:28:41.109Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20000728 cvs security problem", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { name: "1523", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1523", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-07-28T00:00:00", descriptions: [ { lang: "en", value: "The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-11-02T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20000728 cvs security problem", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { name: "1523", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1523", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0679", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20000728 cvs security problem", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { name: "1523", refsource: "BID", url: "http://www.securityfocus.com/bid/1523", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0679", datePublished: "2001-01-22T05:00:00", dateReserved: "2000-09-19T00:00:00", dateUpdated: "2024-08-08T05:28:41.109Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0416
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:14.603Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-519", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-519", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "oval:org.mitre.oval:def:10070", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "oval:org.mitre.oval:def:994", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-09T00:00:00", descriptions: [ { lang: "en", value: "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-519", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-519", }, { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "oval:org.mitre.oval:def:10070", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "oval:org.mitre.oval:def:994", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0416", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-519", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-519", }, { name: "http://security.e-matters.de/advisories/092004.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "oval:org.mitre.oval:def:10070", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070", }, { name: "RHSA-2004:233", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "oval:org.mitre.oval:def:994", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", refsource: "FULLDISC", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0416", datePublished: "2004-06-11T04:00:00", dateReserved: "2004-04-16T00:00:00", dateUpdated: "2024-08-08T00:17:14.603Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0778
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/10955 | vdb-entry, x_refsource_BID | |
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 | vendor-advisory, x_refsource_MANDRAKE | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 | vdb-entry, signature, x_refsource_OVAL | |
http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 | vdb-entry, x_refsource_XF | |
http://www.kb.cert.org/vuls/id/579225 | third-party-advisory, x_refsource_CERT-VN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:31:47.840Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "10955", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10955", }, { name: "MDKSA-2004:108", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108", }, { name: "oval:org.mitre.oval:def:10688", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688", }, { name: "20040816 CVS Undocumented Flag Information Disclosure Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred", ], url: "http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities", }, { name: "cvs-history-info-disclosure(17001)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17001", }, { name: "VU#579225", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/579225", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-08-16T00:00:00", descriptions: [ { lang: "en", value: "CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "10955", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10955", }, { name: "MDKSA-2004:108", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108", }, { name: "oval:org.mitre.oval:def:10688", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688", }, { name: "20040816 CVS Undocumented Flag Information Disclosure Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", ], url: "http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities", }, { name: "cvs-history-info-disclosure(17001)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17001", }, { name: "VU#579225", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/579225", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0778", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "10955", refsource: "BID", url: "http://www.securityfocus.com/bid/10955", }, { name: "MDKSA-2004:108", refsource: "MANDRAKE", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108", }, { name: "oval:org.mitre.oval:def:10688", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688", }, { name: "20040816 CVS Undocumented Flag Information Disclosure Vulnerability", refsource: "IDEFENSE", url: "http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities", }, { name: "cvs-history-info-disclosure(17001)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17001", }, { name: "VU#579225", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/579225", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0778", datePublished: "2004-08-18T04:00:00", dateReserved: "2004-08-11T00:00:00", dateUpdated: "2024-08-08T00:31:47.840Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0414
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:14.669Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "oval:org.mitre.oval:def:10575", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "DSA-517", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-517", }, { name: "oval:org.mitre.oval:def:993", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-09T00:00:00", descriptions: [ { lang: "en", value: "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "oval:org.mitre.oval:def:10575", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575", }, { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "DSA-517", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-517", }, { name: "oval:org.mitre.oval:def:993", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0414", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "oval:org.mitre.oval:def:10575", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575", }, { name: "http://security.e-matters.de/advisories/092004.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "DSA-517", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-517", }, { name: "oval:org.mitre.oval:def:993", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", refsource: "FULLDISC", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0414", datePublished: "2004-06-11T04:00:00", dateReserved: "2004-04-16T00:00:00", dateUpdated: "2024-08-08T00:17:14.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1342
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.debian.org/security/2005/dsa-715 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:46:12.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-715", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-715", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-04-27T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-715", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-715", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1342", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-715", refsource: "DEBIAN", url: "http://www.debian.org/security/2005/dsa-715", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1342", datePublished: "2005-04-27T04:00:00Z", dateReserved: "2005-01-06T00:00:00Z", dateUpdated: "2024-09-16T22:55:47.901Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0418
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:14.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-519", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-519", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "oval:org.mitre.oval:def:11242", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "oval:org.mitre.oval:def:1003", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-09T00:00:00", descriptions: [ { lang: "en", value: "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-519", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-519", }, { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "oval:org.mitre.oval:def:11242", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "oval:org.mitre.oval:def:1003", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0418", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-519", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-519", }, { name: "http://security.e-matters.de/advisories/092004.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/092004.html", }, { name: "oval:org.mitre.oval:def:11242", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242", }, { name: "20040605-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "oval:org.mitre.oval:def:1003", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "20040604-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", refsource: "FULLDISC", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0418", datePublished: "2004-06-11T04:00:00", dateReserved: "2004-04-16T00:00:00", dateUpdated: "2024-08-08T00:17:14.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2002-0092
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/4234 | vdb-entry, x_refsource_BID | |
http://marc.info/?l=vuln-dev&m=101422243817321&w=2 | mailing-list, x_refsource_VULN-DEV | |
http://marc.info/?l=vuln-dev&m=101433077724524&w=2 | mailing-list, x_refsource_VULN-DEV | |
http://www.redhat.com/support/errata/RHSA-2002-026.html | vendor-advisory, x_refsource_REDHAT | |
http://www.iss.net/security_center/static/8366.php | vdb-entry, x_refsource_XF | |
http://www.debian.org/security/2002/dsa-117 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T02:35:17.572Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "4234", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/4234", }, { name: "20020220 Help needed with bufferoverflow in cvs", tags: [ "mailing-list", "x_refsource_VULN-DEV", "x_transferred", ], url: "http://marc.info/?l=vuln-dev&m=101422243817321&w=2", }, { name: "20020220 Re: [Fwd: Help needed with bufferoverflow in cvs]", tags: [ "mailing-list", "x_refsource_VULN-DEV", "x_transferred", ], url: "http://marc.info/?l=vuln-dev&m=101433077724524&w=2", }, { name: "RHSA-2002:026", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2002-026.html", }, { name: "cvs-global-var-dos(8366)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "http://www.iss.net/security_center/static/8366.php", }, { name: "DSA-117", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2002/dsa-117", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2002-02-20T00:00:00", descriptions: [ { lang: "en", value: "CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2002-06-16T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "4234", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/4234", }, { name: "20020220 Help needed with bufferoverflow in cvs", tags: [ "mailing-list", "x_refsource_VULN-DEV", ], url: "http://marc.info/?l=vuln-dev&m=101422243817321&w=2", }, { name: "20020220 Re: [Fwd: Help needed with bufferoverflow in cvs]", tags: [ "mailing-list", "x_refsource_VULN-DEV", ], url: "http://marc.info/?l=vuln-dev&m=101433077724524&w=2", }, { name: "RHSA-2002:026", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2002-026.html", }, { name: "cvs-global-var-dos(8366)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "http://www.iss.net/security_center/static/8366.php", }, { name: "DSA-117", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2002/dsa-117", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-0092", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "4234", refsource: "BID", url: "http://www.securityfocus.com/bid/4234", }, { name: "20020220 Help needed with bufferoverflow in cvs", refsource: "VULN-DEV", url: "http://marc.info/?l=vuln-dev&m=101422243817321&w=2", }, { name: "20020220 Re: [Fwd: Help needed with bufferoverflow in cvs]", refsource: "VULN-DEV", url: "http://marc.info/?l=vuln-dev&m=101433077724524&w=2", }, { name: "RHSA-2002:026", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2002-026.html", }, { name: "cvs-global-var-dos(8366)", refsource: "XF", url: "http://www.iss.net/security_center/static/8366.php", }, { name: "DSA-117", refsource: "DEBIAN", url: "http://www.debian.org/security/2002/dsa-117", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-0092", datePublished: "2002-06-25T04:00:00", dateReserved: "2002-03-08T00:00:00", dateUpdated: "2024-08-08T02:35:17.572Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-0804
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T18:38:14.402Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2012:0310", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html", }, { name: "1026719", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1026719", }, { name: "48150", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/48150", }, { name: "cvs-proxyconnect-bo(73097)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/73097", }, { name: "RHSA-2012:0321", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-0321.html", }, { name: "MDVSA-2012:044", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:044", }, { name: "78987", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/78987", }, { name: "48142", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/48142", }, { name: "USN-1371-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-1371-1", }, { name: "47869", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/47869", }, { name: "GLSA-201701-44", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-44", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=784141", }, { name: "DSA-2407", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2012/dsa-2407", }, { name: "51943", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/51943", }, { name: "48063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/48063", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-02-06T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-17T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "openSUSE-SU-2012:0310", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html", }, { name: "1026719", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1026719", }, { name: "48150", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/48150", }, { name: "cvs-proxyconnect-bo(73097)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/73097", }, { name: "RHSA-2012:0321", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-0321.html", }, { name: "MDVSA-2012:044", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:044", }, { name: "78987", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/78987", }, { name: "48142", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/48142", }, { name: "USN-1371-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-1371-1", }, { name: "47869", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/47869", }, { name: "GLSA-201701-44", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-44", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=784141", }, { name: "DSA-2407", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2012/dsa-2407", }, { name: "51943", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/51943", }, { name: "48063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/48063", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-0804", datePublished: "2012-05-29T20:00:00", dateReserved: "2012-01-19T00:00:00", dateUpdated: "2024-08-06T18:38:14.402Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0417
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145 | vdb-entry, signature, x_refsource_OVAL | |
http://www.debian.org/security/2004/dsa-519 | vendor-advisory, x_refsource_DEBIAN | |
http://security.e-matters.de/advisories/092004.html | x_refsource_MISC | |
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc | vendor-advisory, x_refsource_SGI | |
http://marc.info/?l=bugtraq&m=108716553923643&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.redhat.com/support/errata/RHSA-2004-233.html | vendor-advisory, x_refsource_REDHAT | |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:058 | vendor-advisory, x_refsource_MANDRAKE | |
http://security.gentoo.org/glsa/glsa-200406-06.xml | vendor-advisory, x_refsource_GENTOO | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001 | vdb-entry, signature, x_refsource_OVAL | |
http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html | mailing-list, x_refsource_FULLDISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:14.946Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "oval:org.mitre.oval:def:11145", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145", }, { name: "DSA-519", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-519", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "oval:org.mitre.oval:def:1001", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-09T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "oval:org.mitre.oval:def:11145", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145", }, { name: "DSA-519", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-519", }, { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "oval:org.mitre.oval:def:1001", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0417", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "oval:org.mitre.oval:def:11145", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145", }, { name: "DSA-519", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-519", }, { name: "http://security.e-matters.de/advisories/092004.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/092004.html", }, { name: "20040605-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108716553923643&w=2", }, { name: "RHSA-2004:233", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-233.html", }, { name: "MDKSA-2004:058", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058", }, { name: "GLSA-200406-06", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200406-06.xml", }, { name: "oval:org.mitre.oval:def:1001", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", refsource: "FULLDISC", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0417", datePublished: "2004-06-11T04:00:00", dateReserved: "2004-04-16T00:00:00", dateUpdated: "2024-08-08T00:17:14.946Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0977
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T02:12:35.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "oval:org.mitre.oval:def:855", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855", }, { name: "20040202-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc", }, { name: "20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107540163908129&w=2", }, { name: "MDKSA-2003:112", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112", }, { name: "oval:org.mitre.oval:def:866", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866", }, { name: "DSA-422", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-422", }, { name: "RHSA-2004:003", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-003.html", }, { name: "10601", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/10601", }, { name: "oval:org.mitre.oval:def:11528", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528", }, { name: "20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107168035515554&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1", }, { name: "20040103-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc", }, { name: "CLA-2004:808", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808", }, { name: "RHSA-2004:004", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-004.html", }, { name: "cvs-module-file-manipulation(13929)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-12-04T00:00:00", descriptions: [ { lang: "en", value: "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "oval:org.mitre.oval:def:855", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855", }, { name: "20040202-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc", }, { name: "20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107540163908129&w=2", }, { name: "MDKSA-2003:112", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112", }, { name: "oval:org.mitre.oval:def:866", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866", }, { name: "DSA-422", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-422", }, { name: "RHSA-2004:003", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-003.html", }, { name: "10601", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/10601", }, { name: "oval:org.mitre.oval:def:11528", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528", }, { name: "20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107168035515554&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1", }, { name: "20040103-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc", }, { name: "CLA-2004:808", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808", }, { name: "RHSA-2004:004", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-004.html", }, { name: "cvs-module-file-manipulation(13929)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0977", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "oval:org.mitre.oval:def:855", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855", }, { name: "20040202-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc", }, { name: "20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107540163908129&w=2", }, { name: "MDKSA-2003:112", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112", }, { name: "oval:org.mitre.oval:def:866", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866", }, { name: "DSA-422", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-422", }, { name: "RHSA-2004:003", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-003.html", }, { name: "10601", refsource: "SECUNIA", url: "http://secunia.com/advisories/10601", }, { name: "oval:org.mitre.oval:def:11528", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528", }, { name: "20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107168035515554&w=2", }, { name: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1", refsource: "CONFIRM", url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1", }, { name: "20040103-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc", }, { name: "CLA-2004:808", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808", }, { name: "RHSA-2004:004", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-004.html", }, { name: "cvs-module-file-manipulation(13929)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0977", datePublished: "2003-12-10T05:00:00", dateReserved: "2003-12-09T00:00:00", dateUpdated: "2024-08-08T02:12:35.454Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0015
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:36:25.368Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2003:012", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-012.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14", }, { name: "20030124 Test program for CVS double-free.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104342550612736&w=2", }, { name: "MDKSA-2003:009", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009", }, { name: "FreeBSD-SA-03:01", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104438807203491&w=2", }, { name: "6650", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/6650", }, { name: "cvs-doublefree-memory-corruption(11108)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/11108", }, { name: "20030122 [security@slackware.com: [slackware-security] New CVS packages available]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104333092200589&w=2", }, { name: "RHSA-2003:013", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2003-013.html", }, { name: "20030202 Exploit for CVS double free() for Linux pserver", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104428571204468&w=2", }, { name: "DSA-233", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-233", }, { name: "VU#650937", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/650937", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/012003.html", }, { name: "CA-2003-02", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2003-02.html", }, { name: "N-032", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/n-032.shtml", }, { name: "20030120 Advisory 01/2003: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-01-20T00:00:00", descriptions: [ { lang: "en", value: "Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2007-11-29T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2003:012", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-012.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14", }, { name: "20030124 Test program for CVS double-free.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104342550612736&w=2", }, { name: "MDKSA-2003:009", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009", }, { name: "FreeBSD-SA-03:01", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://marc.info/?l=bugtraq&m=104438807203491&w=2", }, { name: "6650", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/6650", }, { name: "cvs-doublefree-memory-corruption(11108)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/11108", }, { name: "20030122 [security@slackware.com: [slackware-security] New CVS packages available]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104333092200589&w=2", }, { name: "RHSA-2003:013", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2003-013.html", }, { name: "20030202 Exploit for CVS double free() for Linux pserver", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104428571204468&w=2", }, { name: "DSA-233", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-233", }, { name: "VU#650937", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/650937", }, { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/012003.html", }, { name: "CA-2003-02", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2003-02.html", }, { name: "N-032", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/n-032.shtml", }, { name: "20030120 Advisory 01/2003: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0015", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2003:012", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-012.html", }, { name: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14", refsource: "CONFIRM", url: "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14", }, { name: "20030124 Test program for CVS double-free.", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104342550612736&w=2", }, { name: "MDKSA-2003:009", refsource: "MANDRAKE", url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009", }, { name: "FreeBSD-SA-03:01", refsource: "FREEBSD", url: "http://marc.info/?l=bugtraq&m=104438807203491&w=2", }, { name: "6650", refsource: "BID", url: "http://www.securityfocus.com/bid/6650", }, { name: "cvs-doublefree-memory-corruption(11108)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/11108", }, { name: "20030122 [security@slackware.com: [slackware-security] New CVS packages available]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104333092200589&w=2", }, { name: "RHSA-2003:013", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2003-013.html", }, { name: "20030202 Exploit for CVS double free() for Linux pserver", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104428571204468&w=2", }, { name: "DSA-233", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-233", }, { name: "VU#650937", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/650937", }, { name: "http://security.e-matters.de/advisories/012003.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/012003.html", }, { name: "CA-2003-02", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2003-02.html", }, { name: "N-032", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/n-032.shtml", }, { name: "20030120 Advisory 01/2003: CVS remote vulnerability", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0015", datePublished: "2004-09-01T04:00:00", dateReserved: "2003-01-07T00:00:00", dateUpdated: "2024-08-08T01:36:25.368Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1471
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://security.e-matters.de/advisories/092004.html | x_refsource_MISC | |
http://www.securityfocus.com/bid/10499 | vdb-entry, x_refsource_BID | |
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc | vendor-advisory, x_refsource_FREEBSD | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16365 | vdb-entry, x_refsource_XF | |
http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html | mailing-list, x_refsource_FULLDISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:53:23.983Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "10499", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10499", }, { name: "FreeBSD-SA-04:14", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc", }, { name: "cvs-wrapper-format-string(16365)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-09T00:00:00", descriptions: [ { lang: "en", value: "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/092004.html", }, { name: "10499", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10499", }, { name: "FreeBSD-SA-04:14", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc", }, { name: "cvs-wrapper-format-string(16365)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1471", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://security.e-matters.de/advisories/092004.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/092004.html", }, { name: "10499", refsource: "BID", url: "http://www.securityfocus.com/bid/10499", }, { name: "FreeBSD-SA-04:14", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc", }, { name: "cvs-wrapper-format-string(16365)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365", }, { name: "20040609 Advisory 09/2004: More CVS remote vulnerabilities", refsource: "FULLDISC", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1471", datePublished: "2005-02-13T05:00:00", dateReserved: "2005-02-13T00:00:00", dateUpdated: "2024-08-08T00:53:23.983Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0396
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:14.626Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "11641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11641", }, { name: "11652", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11652", }, { name: "oval:org.mitre.oval:def:970", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970", }, { name: "20040519 [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108500040719512&w=2", }, { name: "oval:org.mitre.oval:def:9058", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058", }, { name: "MDKSA-2004:048", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:048", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html", }, { name: "20040520 cvs server buffer overflow vulnerability", tags: [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred", ], url: "http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2", }, { name: "FreeBSD-SA-04:10", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc", }, { name: "RHSA-2004:190", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-190.html", }, { name: "11674", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11674", }, { name: "GLSA-200405-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200405-12.xml", }, { name: "11651", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11651", }, { name: "6305", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/6305", }, { name: "TA04-147A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-147A.html", }, { name: "O-147", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/o-147.shtml", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108498454829020&w=2", }, { name: "11647", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11647", }, { name: "FEDORA-2004-1620", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { name: "VU#192038", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/192038", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html", }, { name: "DSA-505", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-505", }, { name: "cvs-entry-line-bo(16193)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16193", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.e-matters.de/advisories/072004.html", }, { name: "SSA:2004-140-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865", }, { name: "NetBSD-SA2004-008", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc", }, { name: "10384", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10384", }, { name: "SuSE-SA:2004:013", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-05-19T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "11641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11641", }, { name: "11652", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11652", }, { name: "oval:org.mitre.oval:def:970", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970", }, { name: "20040519 [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108500040719512&w=2", }, { name: "oval:org.mitre.oval:def:9058", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058", }, { name: "MDKSA-2004:048", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:048", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html", }, { name: "20040520 cvs server buffer overflow vulnerability", tags: [ "vendor-advisory", "x_refsource_OPENBSD", ], url: "http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2", }, { name: "FreeBSD-SA-04:10", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc", }, { name: "RHSA-2004:190", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-190.html", }, { name: "11674", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11674", }, { name: "GLSA-200405-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200405-12.xml", }, { name: "11651", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11651", }, { name: "6305", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/6305", }, { name: "TA04-147A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-147A.html", }, { name: "O-147", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/o-147.shtml", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108498454829020&w=2", }, { name: "11647", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11647", }, { name: "FEDORA-2004-1620", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { name: "VU#192038", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/192038", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html", }, { name: "DSA-505", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-505", }, { name: "cvs-entry-line-bo(16193)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16193", }, { tags: [ "x_refsource_MISC", ], url: "http://security.e-matters.de/advisories/072004.html", }, { name: "SSA:2004-140-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865", }, { name: "NetBSD-SA2004-008", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc", }, { name: "10384", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10384", }, { name: "SuSE-SA:2004:013", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0396", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "11641", refsource: "SECUNIA", url: "http://secunia.com/advisories/11641", }, { name: "11652", refsource: "SECUNIA", url: "http://secunia.com/advisories/11652", }, { name: "oval:org.mitre.oval:def:970", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970", }, { name: "20040519 [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108500040719512&w=2", }, { name: "oval:org.mitre.oval:def:9058", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058", }, { name: "MDKSA-2004:048", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:048", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", refsource: "BUGTRAQ", url: "http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html", }, { name: "20040520 cvs server buffer overflow vulnerability", refsource: "OPENBSD", url: "http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2", }, { name: "FreeBSD-SA-04:10", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc", }, { name: "RHSA-2004:190", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-190.html", }, { name: "11674", refsource: "SECUNIA", url: "http://secunia.com/advisories/11674", }, { name: "GLSA-200405-12", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200405-12.xml", }, { name: "11651", refsource: "SECUNIA", url: "http://secunia.com/advisories/11651", }, { name: "6305", refsource: "OSVDB", url: "http://www.osvdb.org/6305", }, { name: "TA04-147A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-147A.html", }, { name: "O-147", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/o-147.shtml", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108498454829020&w=2", }, { name: "11647", refsource: "SECUNIA", url: "http://secunia.com/advisories/11647", }, { name: "FEDORA-2004-1620", refsource: "FEDORA", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, { name: "VU#192038", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/192038", }, { name: "20040519 Advisory 07/2004: CVS remote vulnerability", refsource: "FULLDISC", url: "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html", }, { name: "DSA-505", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-505", }, { name: "cvs-entry-line-bo(16193)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16193", }, { name: "http://security.e-matters.de/advisories/072004.html", refsource: "MISC", url: "http://security.e-matters.de/advisories/072004.html", }, { name: "SSA:2004-140-01", refsource: "SLACKWARE", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865", }, { name: "NetBSD-SA2004-008", refsource: "NETBSD", url: "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc", }, { name: "10384", refsource: "BID", url: "http://www.securityfocus.com/bid/10384", }, { name: "SuSE-SA:2004:013", refsource: "SUSE", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0396", datePublished: "2004-05-20T04:00:00", dateReserved: "2004-04-13T00:00:00", dateUpdated: "2024-08-08T00:17:14.626Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0405
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060 | vdb-entry, signature, x_refsource_OVAL | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15891 | vdb-entry, x_refsource_XF | |
http://www.debian.org/security/2004/dsa-486 | vendor-advisory, x_refsource_DEBIAN | |
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181 | vendor-advisory, x_refsource_SLACKWARE | |
ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc | vendor-advisory, x_refsource_SGI | |
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc | vendor-advisory, x_refsource_FREEBSD | |
http://security.gentoo.org/glsa/glsa-200404-13.xml | vendor-advisory, x_refsource_GENTOO | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818 | vdb-entry, signature, x_refsource_OVAL | |
http://marc.info/?l=bugtraq&m=108636445031613&w=2 | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:14.607Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "oval:org.mitre.oval:def:1060", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060", }, { name: "cvs-dotdot-directory-traversal(15891)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15891", }, { name: "DSA-486", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-486", }, { name: "SSA:2004-108-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { name: "20040404-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { name: "FreeBSD-SA-04:07", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { name: "GLSA-200404-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { name: "oval:org.mitre.oval:def:10818", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818", }, { name: "FEDORA-2004-1620", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-04-14T00:00:00", descriptions: [ { lang: "en", value: "CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "oval:org.mitre.oval:def:1060", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060", }, { name: "cvs-dotdot-directory-traversal(15891)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15891", }, { name: "DSA-486", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-486", }, { name: "SSA:2004-108-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { name: "20040404-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { name: "FreeBSD-SA-04:07", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { name: "GLSA-200404-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { name: "oval:org.mitre.oval:def:10818", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818", }, { name: "FEDORA-2004-1620", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0405", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "oval:org.mitre.oval:def:1060", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060", }, { name: "cvs-dotdot-directory-traversal(15891)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15891", }, { name: "DSA-486", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-486", }, { name: "SSA:2004-108-02", refsource: "SLACKWARE", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181", }, { name: "20040404-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", }, { name: "FreeBSD-SA-04:07", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc", }, { name: "GLSA-200404-13", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200404-13.xml", }, { name: "oval:org.mitre.oval:def:10818", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818", }, { name: "FEDORA-2004-1620", refsource: "FEDORA", url: "http://marc.info/?l=bugtraq&m=108636445031613&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0405", datePublished: "2004-04-17T04:00:00", dateReserved: "2004-04-16T00:00:00", dateUpdated: "2024-08-08T00:17:14.607Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-0753
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://bugs.gentoo.org/attachment.cgi?id=54352&action=view | x_refsource_MISC | |
http://www.debian.org/security/2005/dsa-742 | vendor-advisory, x_refsource_DEBIAN | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688 | vdb-entry, signature, x_refsource_OVAL | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/20148 | vdb-entry, x_refsource_XF | |
http://www.novell.com/linux/security/advisories/2005_24_cvs.html | vendor-advisory, x_refsource_SUSE | |
http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml | vendor-advisory, x_refsource_GENTOO | |
http://secunia.com/advisories/14976/ | third-party-advisory, x_refsource_SECUNIA | |
http://www.redhat.com/support/errata/RHSA-2005-387.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:28:27.168Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://bugs.gentoo.org/attachment.cgi?id=54352&action=view", }, { name: "DSA-742", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-742", }, { name: "oval:org.mitre.oval:def:9688", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688", }, { name: "cvs-bo(20148)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20148", }, { name: "SUSE-SA:2005:024", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_24_cvs.html", }, { name: "GLSA-200504-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml", }, { name: "14976", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/14976/", }, { name: "RHSA-2005:387", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-387.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-04-18T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://bugs.gentoo.org/attachment.cgi?id=54352&action=view", }, { name: "DSA-742", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-742", }, { name: "oval:org.mitre.oval:def:9688", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688", }, { name: "cvs-bo(20148)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20148", }, { name: "SUSE-SA:2005:024", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_24_cvs.html", }, { name: "GLSA-200504-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml", }, { name: "14976", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/14976/", }, { name: "RHSA-2005:387", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-387.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-0753", datePublished: "2005-04-21T04:00:00", dateReserved: "2005-03-17T00:00:00", dateUpdated: "2024-08-07T21:28:27.168Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-2693
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.vupen.com/english/advisories/2005/1667 | vdb-entry, x_refsource_VUPEN | |
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366 | x_refsource_CONFIRM | |
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc | vendor-advisory, x_refsource_FREEBSD | |
http://www.redhat.com/support/errata/RHSA-2005-756.html | vendor-advisory, x_refsource_REDHAT | |
http://secunia.com/advisories/16765 | third-party-advisory, x_refsource_SECUNIA | |
http://securitytracker.com/id?1014857 | vdb-entry, x_refsource_SECTRACK | |
http://www.debian.org/security/2005/dsa-802 | vendor-advisory, x_refsource_DEBIAN | |
http://www.debian.org/security/2005/dsa-806 | vendor-advisory, x_refsource_DEBIAN | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835 | vdb-entry, signature, x_refsource_OVAL |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T22:45:01.936Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2005-1667", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/1667", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366", }, { name: "FreeBSD-SA-05:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc", }, { name: "RHSA-2005:756", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-756.html", }, { name: "16765", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/16765", }, { name: "1014857", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1014857", }, { name: "DSA-802", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-802", }, { name: "DSA-806", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-806", }, { name: "oval:org.mitre.oval:def:10835", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-08-19T00:00:00", descriptions: [ { lang: "en", value: "cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "ADV-2005-1667", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/1667", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366", }, { name: "FreeBSD-SA-05:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc", }, { name: "RHSA-2005:756", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-756.html", }, { name: "16765", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/16765", }, { name: "1014857", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1014857", }, { name: "DSA-802", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-802", }, { name: "DSA-806", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-806", }, { name: "oval:org.mitre.oval:def:10835", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-2693", datePublished: "2005-08-25T04:00:00", dateReserved: "2005-08-25T00:00:00", dateUpdated: "2024-08-07T22:45:01.936Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0680
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1524 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:28:40.711Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20000728 cvs security problem", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { name: "1524", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1524", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-07-28T00:00:00", descriptions: [ { lang: "en", value: "The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-11-02T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20000728 cvs security problem", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { name: "1524", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1524", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0680", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20000728 cvs security problem", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org", }, { name: "1524", refsource: "BID", url: "http://www.securityfocus.com/bid/1524", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0680", datePublished: "2000-09-21T04:00:00", dateReserved: "2000-09-19T00:00:00", dateUpdated: "2024-08-08T05:28:40.711Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0338
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000423174038.A520%40clico.pl | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1136 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:14:21.271Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20000423 CVS DoS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000423174038.A520%40clico.pl", }, { name: "1136", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1136", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-04-23T00:00:00", descriptions: [ { lang: "en", value: "Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-11-02T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20000423 CVS DoS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000423174038.A520%40clico.pl", }, { name: "1136", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1136", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0338", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20000423 CVS DoS", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000423174038.A520%40clico.pl", }, { name: "1136", refsource: "BID", url: "http://www.securityfocus.com/bid/1136", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0338", datePublished: "2000-10-13T04:00:00", dateReserved: "2000-05-11T00:00:00", dateUpdated: "2024-08-08T05:14:21.271Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1343
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.debian.org/security/2005/dsa-715 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:46:12.326Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-715", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-715", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-04-27T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-715", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-715", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1343", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-715", refsource: "DEBIAN", url: "http://www.debian.org/security/2005/dsa-715", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1343", datePublished: "2005-04-27T04:00:00Z", dateReserved: "2005-01-06T00:00:00Z", dateUpdated: "2024-09-17T02:01:39.656Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-201011-0260
Vulnerability from variot
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow. Concurrent Versions System is an open source version control system. Enticing users to examine specially constructed files can trigger a heap-based buffer overflow. CVS is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer. A local attacker can exploit this issue by storing a malicious RCS file in the CVS repository, and enticing an unsuspecting user to update their CVS repository tree with the file. Successful exploitation allows the attacker to execute arbitrary code with the privileges of the user running the vulnerable application. Failed attempts will result in denial-of-service conditions. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta.
Join the beta: http://secunia.com/products/corporate/vim/
TITLE: CVS Delta Fragment Array Indexing Vulnerability
SECUNIA ADVISORY ID: SA41079
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41079/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41079
RELEASE DATE: 2010-10-29
DISCUSS ADVISORY: http://secunia.com/advisories/41079/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/41079/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=41079
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in CVS, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is reported in version 1.11.23. Other versions may also be affected.
SOLUTION: Fixed in the CVS repository.
PROVIDED AND/OR DISCOVERED BY: Red Hat credits Ralph Loader
ORIGINAL ADVISORY: CVS: http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev
Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=642146
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
For more information: SA41079
SOLUTION: Apply updated packages via the yum utility ("yum update cvs")
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201011-0260", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "cvs", scope: "eq", trust: 1.7, vendor: "cvs", version: "1.11.23", }, { model: "cvs", scope: "eq", trust: 1.6, vendor: "nongnu", version: "1.11.23", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.8, vendor: "red hat", version: "6", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.8, vendor: "red hat", version: "6", }, { model: "enterprise linux server", scope: "eq", trust: 0.8, vendor: "red hat", version: "6", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.8, vendor: "red hat", version: "6", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-2595", }, { db: "BID", id: "44528", }, { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "NVD", id: "CVE-2010-3846", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:nongnu:cvs:1.11.23:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-3846", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Jan Lieskovsky", sources: [ { db: "BID", id: "44528", }, ], trust: 0.3, }, cve: "CVE-2010-3846", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 6.9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2010-3846", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-3846", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201011-046", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "NVD", id: "CVE-2010-3846", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow. Concurrent Versions System is an open source version control system. Enticing users to examine specially constructed files can trigger a heap-based buffer overflow. CVS is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer. \nA local attacker can exploit this issue by storing a malicious RCS file in the CVS repository, and enticing an unsuspecting user to update their CVS repository tree with the file. \nSuccessful exploitation allows the attacker to execute arbitrary code with the privileges of the user running the vulnerable application. Failed attempts will result in denial-of-service conditions. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. \n\nJoin the beta: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCVS Delta Fragment Array Indexing Vulnerability\n\nSECUNIA ADVISORY ID:\nSA41079\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/41079/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=41079\n\nRELEASE DATE:\n2010-10-29\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/41079/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/41079/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=41079\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in CVS, which can be exploited by\nmalicious, local users to gain escalated privileges. \n\nThe vulnerability is reported in version 1.11.23. Other versions may\nalso be affected. \n\nSOLUTION:\nFixed in the CVS repository. \n\nPROVIDED AND/OR DISCOVERED BY:\nRed Hat credits Ralph Loader\n\nORIGINAL ADVISORY:\nCVS:\nhttp://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev\n\nRed Hat:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=642146\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. This fixes a vulnerability,\nwhich can be exploited by malicious, local users to gain escalated\nprivileges. \n\nFor more information:\nSA41079\n\nSOLUTION:\nApply updated packages via the yum utility (\"yum update cvs\")", sources: [ { db: "NVD", id: "CVE-2010-3846", }, { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "CNVD", id: "CNVD-2010-2595", }, { db: "BID", id: "44528", }, { db: "PACKETSTORM", id: "95293", }, { db: "PACKETSTORM", id: "96222", }, { db: "PACKETSTORM", id: "95295", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2010-3846", trust: 3.3, }, { db: "SECUNIA", id: "41079", trust: 3.1, }, { db: "BID", id: "44528", trust: 2.7, }, { db: "SECUNIA", id: "42409", trust: 2.5, }, { db: "SECTRACK", id: "1024795", trust: 2.4, }, { db: "VUPEN", id: "ADV-2010-2845", trust: 2.4, }, { db: "VUPEN", id: "ADV-2010-3080", trust: 2.4, }, { db: "OSVDB", id: "68952", trust: 2.4, }, { db: "SECUNIA", id: "42041", trust: 1.7, }, { db: "VUPEN", id: "ADV-2010-2846", trust: 1.6, }, { db: "VUPEN", id: "ADV-2010-2869", trust: 1.6, }, { db: "VUPEN", id: "ADV-2010-2899", trust: 1.6, }, { db: "XF", id: "62858", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2010-002534", trust: 0.8, }, { db: "CNVD", id: "CNVD-2010-2595", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201011-046", trust: 0.6, }, { db: "PACKETSTORM", id: "95293", trust: 0.1, }, { db: "PACKETSTORM", id: "96222", trust: 0.1, }, { db: "PACKETSTORM", id: "95295", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2010-2595", }, { db: "BID", id: "44528", }, { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "PACKETSTORM", id: "95293", }, { db: "PACKETSTORM", id: "96222", }, { db: "PACKETSTORM", id: "95295", }, { db: "NVD", id: "CVE-2010-3846", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], }, id: "VAR-201011-0260", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2010-2595", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2010-2595", }, ], }, last_update_date: "2023-12-18T13:20:19.071000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://savannah.nongnu.org/projects/cvs/", }, { title: "RHSA-2010:0918", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2010-0918.html", }, { title: "Patch for CVS Delta Fragment Array Indexing Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/1552", }, { title: "FreeBSD CVSweb Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234755", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-2595", }, { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "NVD", id: "CVE-2010-3846", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.osvdb.org/68952", }, { trust: 2.4, url: "http://secunia.com/advisories/41079", }, { trust: 2.4, url: "http://secunia.com/advisories/42409", }, { trust: 2.4, url: "http://www.securityfocus.com/bid/44528", }, { trust: 2.4, url: "http://www.securitytracker.com/id?1024795", }, { trust: 2.4, url: "http://www.vupen.com/english/advisories/2010/2845", }, { trust: 2.4, url: "http://www.vupen.com/english/advisories/2010/3080", }, { trust: 2, url: "https://bugzilla.redhat.com/show_bug.cgi?id=642146", }, { trust: 1.7, url: "http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev", }, { trust: 1.7, url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-october/050090.html", }, { trust: 1.6, url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-november/050212.html", }, { trust: 1.6, url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-november/050287.html", }, { trust: 1.6, url: "http://secunia.com/advisories/42041", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2010-0918.html", }, { trust: 1.6, url: "http://www.vupen.com/english/advisories/2010/2846", }, { trust: 1.6, url: "http://www.vupen.com/english/advisories/2010/2869", }, { trust: 1.6, url: "http://www.vupen.com/english/advisories/2010/2899", }, { trust: 1.6, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/62858", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3846", }, { trust: 0.8, url: "http://xforce.iss.net/xforce/xfdb/62858", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3846", }, { trust: 0.7, url: "http://secunia.com/advisories/41079/", }, { trust: 0.6, url: "https://access.redhat.com/errata/rhsa-2010:0918", }, { trust: 0.6, url: "https://access.redhat.com/security/cve/cve-2010-3846", }, { trust: 0.3, url: "http://www.cvshome.org/eng/", }, { trust: 0.3, url: "http://secunia.com/products/corporate/evm/", }, { trust: 0.3, url: "http://secunia.com/advisories/secunia_security_advisories/", }, { trust: 0.3, url: "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/", }, { trust: 0.3, url: "http://secunia.com/products/corporate/vim/", }, { trust: 0.3, url: "http://secunia.com/vulnerability_scanning/personal/", }, { trust: 0.3, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.3, url: "http://secunia.com/advisories/about_secunia_advisories/", }, { trust: 0.1, url: "http://secunia.com/advisories/41079/#comments", }, { trust: 0.1, url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=41079", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2010-0918.html", }, { trust: 0.1, url: "http://secunia.com/advisories/42409/#comments", }, { trust: 0.1, url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=42409", }, { trust: 0.1, url: "http://secunia.com/advisories/42409/", }, { trust: 0.1, url: "http://secunia.com/advisories/42041/#comments", }, { trust: 0.1, url: "http://secunia.com/advisories/42041/", }, { trust: 0.1, url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=42041", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-2595", }, { db: "BID", id: "44528", }, { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "PACKETSTORM", id: "95293", }, { db: "PACKETSTORM", id: "96222", }, { db: "PACKETSTORM", id: "95295", }, { db: "NVD", id: "CVE-2010-3846", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2010-2595", }, { db: "BID", id: "44528", }, { db: "JVNDB", id: "JVNDB-2010-002534", }, { db: "PACKETSTORM", id: "95293", }, { db: "PACKETSTORM", id: "96222", }, { db: "PACKETSTORM", id: "95295", }, { db: "NVD", id: "CVE-2010-3846", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-11-02T00:00:00", db: "CNVD", id: "CNVD-2010-2595", }, { date: "2010-10-28T00:00:00", db: "BID", id: "44528", }, { date: "2010-12-21T00:00:00", db: "JVNDB", id: "JVNDB-2010-002534", }, { date: "2010-11-01T01:34:47", db: "PACKETSTORM", id: "95293", }, { date: "2010-11-30T05:50:29", db: "PACKETSTORM", id: "96222", }, { date: "2010-11-01T01:34:52", db: "PACKETSTORM", id: "95295", }, { date: "2010-11-05T17:00:02.530000", db: "NVD", id: "CVE-2010-3846", }, { date: "2010-11-09T00:00:00", db: "CNNVD", id: "CNNVD-201011-046", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-11-02T00:00:00", db: "CNVD", id: "CNVD-2010-2595", }, { date: "2015-04-13T21:59:00", db: "BID", id: "44528", }, { date: "2010-12-21T00:00:00", db: "JVNDB", id: "JVNDB-2010-002534", }, { date: "2023-02-13T04:26:00.547000", db: "NVD", id: "CVE-2010-3846", }, { date: "2023-04-25T00:00:00", db: "CNNVD", id: "CNNVD-201011-046", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "PACKETSTORM", id: "95293", }, { db: "PACKETSTORM", id: "96222", }, { db: "PACKETSTORM", id: "95295", }, { db: "CNNVD", id: "CNNVD-201011-046", }, ], trust: 0.9, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "CVS of rcs.c Is in apply_rcs_change Elevation of privilege vulnerability in functions", sources: [ { db: "JVNDB", id: "JVNDB-2010-002534", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201011-046", }, ], trust: 0.6, }, }