Executive Summary
Information | |||
---|---|---|---|
Name | CVE-2004-0418 | First vendor Publication | 2004-08-06 |
Vendor | Cve | Last vendor Modification | 2018-05-03 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1003 | |||
Oval ID: | oval:org.mitre.oval:def:1003 | ||
Title: | CVS serve_notify Improper Handling of Empty Data Lines | ||
Description: | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0418 | Version: | 1 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | CVS |
Definition Id: oval:org.mitre.oval:def:11242 | |||
Oval ID: | oval:org.mitre.oval:def:11242 | ||
Title: | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | ||
Description: | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0418 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200406-06 (CVS) File : nvt/glsa_200406_06.nasl |
2008-09-04 | Name : FreeBSD Ports: cvs+ipv6 File : nvt/freebsd_cvs+ipv6.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-04:14.cvs.asc) File : nvt/freebsdsa_cvs2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 519-1 (cvs) File : nvt/deb_519_1.nasl |
2005-11-03 | Name : CVS malformed entry lines flaw File : nvt/cvs_malformed_entry_lines_flaw.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2004-161-01 cvs File : nvt/esoft_slk_ssa_2004_161_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
6835 | CVS serve_notify Out-of-Bounds Arbitrary Code Execution |
6834 | CVS serve_notify Overflow Command Execution A remote overflow exists in Concurrent Versions System. The CVS fails to handle an empty data line input resulting in a potential single byte overflow. With a specially crafted request, an attacker can cause the execution of the supplied code resulting in a loss of confidentiality, integrity, and/or availability. Since the CVS system is used to version control source code, these flaws put the source code in the repository at risk of being changed. This could lead to future exploits of any software that was checked into the system. These problems were discovered after a system compromise. The subsequent CVS code audit discovered several issues. This should be considered a critical issue and any source code located on public CVS servers should be verified to be correct. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d2102505f03d11d881b0000347a4fa7d.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-161-01.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-517.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-519.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200406-06.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-058.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_015.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-169.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-170.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-233.nasl - Type : ACT_GATHER_INFO |
2004-06-09 | Name : The remote CVS server is affected by multiple issues. File : cvs_malformed_entry_lines_flaw.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2021-05-04 12:02:19 | |
2021-04-22 01:02:28 | |
2020-05-23 00:15:47 | |
2018-05-03 09:19:26 | |
2016-10-18 12:01:20 | |
2016-04-26 12:49:43 | |
2014-02-17 10:27:29 | |
2013-05-11 11:41:34 | |