CVE Vulnerabilities

CVE-2004-1343

Published: Dec 31, 2004 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).

Affected Software

Name Vendor Start Version End Version
Cvs Cvs 1.10 1.10
Cvs Cvs 1.10.6 1.10.6
Cvs Cvs 1.10.7 1.10.7
Cvs Cvs 1.10.8 1.10.8
Cvs Cvs 1.11 1.11
Cvs Cvs 1.11.1 1.11.1
Cvs Cvs 1.11.1_p1 1.11.1_p1
Cvs Cvs 1.11.2 1.11.2
Cvs Cvs 1.11.3 1.11.3
Cvs Cvs 1.11.4 1.11.4
Cvs Cvs 1.11.5 1.11.5
Cvs Cvs 1.11.6 1.11.6
Cvs Cvs 1.11.10 1.11.10
Cvs Cvs 1.11.11 1.11.11
Cvs Cvs 1.11.14 1.11.14
Cvs Cvs 1.11.15 1.11.15
Cvs Cvs 1.11.16 1.11.16
Cvs Cvs 1.12 1.12
Cvs Ubuntu dapper *
Cvs Ubuntu devel *
Cvs Ubuntu edgy *
Cvs Ubuntu feisty *

References