CVE-2004-0396

EPSS 86.79%
Veröffentlicht 14.06.2004 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 31

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cvs ≫ Cvs Version1.11

Cvs ≫ Cvs Version1.12

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	86.79%	0.994

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=108636445031613&w=2

ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html

http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html

http://marc.info/?l=bugtraq&m=108498454829020&w=2

http://marc.info/?l=bugtraq&m=108500040719512&w=2

http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2

http://secunia.com/advisories/11641

http://secunia.com/advisories/11647

http://secunia.com/advisories/11651

http://secunia.com/advisories/11652

http://secunia.com/advisories/11674

http://security.e-matters.de/advisories/072004.html

http://security.gentoo.org/glsa/glsa-200405-12.xml

http://www.ciac.org/ciac/bulletins/o-147.shtml

http://www.debian.org/security/2004/dsa-505

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/192038

Patch

Third Party Advisory

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:048

http://www.osvdb.org/6305

http://www.redhat.com/support/errata/RHSA-2004-190.html

Patch

Vendor Advisory

http://www.securityfocus.com/bid/10384

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865

http://www.us-cert.gov/cas/techalerts/TA04-147A.html

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/16193

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970

https://nvd.nist.gov/vuln/detail/CVE-2004-0396

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0396

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0396

EUVD