what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2004-0396

Status Candidate

Overview

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

Related Files

freedom.c
Posted Aug 12, 2004
Authored by Gyan Chawdhary

Remote CVS exploit for versions 1.11.15 and below that makes use of the Argumentx error_prog_name double free heap overflow on RedHat 8.0.

tags | exploit, remote, overflow
systems | linux, redhat
advisories | CVE-2004-0396
SHA-256 | 1ef0f00bc5dd2efbcfedccbeaf427ca4d38d3c2fcf5a2710c02762f6489148f1
Technical Cyber Security Alert 2004-147A
Posted May 28, 2004
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-147A - A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to execute arbitrary code on a vulnerable system. Systems affected: Concurrent Versions System (CVS) versions prior to 1.11.16. CVS Features versions prior to 1.12.8.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2004-0396
SHA-256 | eb076a8b5b46b1ff5cdb1e09fb7058dfaf0b977564279a22443f627e735d5bc8
cvs_solaris_HEAP.c
Posted May 20, 2004

Remote root exploit for stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7. Solaris version. Anonymously submitted.

tags | exploit, remote, root
systems | solaris
advisories | CVE-2004-0396
SHA-256 | 65c674ac77ccd4a45957f097a3fcebfc7836743e95663c5b329449a7e1d5d93e
cvs_linux_freebsd_HEAP.c
Posted May 20, 2004

Remote root exploit for stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7. Linux and FreeBSD version. Anonymously submitted.

tags | exploit, remote, root
systems | linux, freebsd
advisories | CVE-2004-0396
SHA-256 | cbba2ce54b3c6d2fab06e83029be065535aa55e80f9747949b5f4579b7f3ef21
072004.txt
Posted May 19, 2004
Authored by Stefan Esser | Site security.e-matters.de

Stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7 both contain a flaw when deciding if a CVS entry line should get a modified or unchanged flag attached. This results in a heap overflow which can be exploited to execute arbitrary code on the CVS server. This could allow a repository compromise.

tags | advisory, overflow, arbitrary
advisories | CVE-2004-0396
SHA-256 | 00c2f250dd0b9f331e85b739415381b86f0e2189bb6869f8fc74364b3f7c03d1
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close