Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.1
CVSSv2

CVE-2004-1471

Published: 31/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.1 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 715
Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Subscribe to Cvs

Vulnerability Summary

Format string vulnerability in wrapper.c in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.

Vulnerable Product Search on Vulmon Subscribe to Product

cvs cvs 1.11.10

cvs cvs 1.11.11

cvs cvs 1.11.5

cvs cvs 1.11.6

openpkg openpkg 2.0

openpkg openpkg current

cvs cvs 1.10.7

cvs cvs 1.10.8

cvs cvs 1.11

cvs cvs 1.11.16

cvs cvs 1.11.2

cvs cvs 1.12.5

cvs cvs 1.12.7

cvs cvs 1.11.14

cvs cvs 1.11.15

cvs cvs 1.12.1

cvs cvs 1.12.2

sgi propack 2.4

sgi propack 3.0

cvs cvs 1.11.1

cvs cvs 1.11.1_p1

cvs cvs 1.11.3

cvs cvs 1.11.4

cvs cvs 1.12.8

openpkg openpkg 1.3

freebsd freebsd 2.1.5

freebsd freebsd 2.1.6

freebsd freebsd 2.2.5

freebsd freebsd 2.2.6

freebsd freebsd 3.4

freebsd freebsd 3.5

freebsd freebsd 3.5.1

freebsd freebsd 4.1

freebsd freebsd 4.1.1

freebsd freebsd 4.2

freebsd freebsd 4.3

freebsd freebsd 1.1.5.1

freebsd freebsd 2.0

freebsd freebsd 2.2

freebsd freebsd 2.2.2

freebsd freebsd 3.0

freebsd freebsd 3.1

freebsd freebsd 4.0

freebsd freebsd 4.10

freebsd freebsd 4.5

freebsd freebsd 4.7

freebsd freebsd 4.8

freebsd freebsd 4.9

freebsd freebsd 5.1

openbsd openbsd 3.4

openbsd openbsd 3.5

freebsd freebsd 4.4

freebsd freebsd 4.6

freebsd freebsd 5.0

freebsd freebsd 5.2

freebsd freebsd 5.2.1

freebsd freebsd 2.1.6.1

freebsd freebsd 2.1.7.1

freebsd freebsd 2.2.8

gentoo linux 1.4

freebsd freebsd 2.0.5

freebsd freebsd 2.1.0

freebsd freebsd 2.2.3

freebsd freebsd 2.2.4

freebsd freebsd 3.2

freebsd freebsd 3.3

freebsd freebsd 4.6.2

openbsd openbsd current

Exploits

Exploit DB: CVS 1.11.x - Multiple Vulnerabilities
source: wwwsecurityfocuscom/bid/10499/info CVS is prone to multiple vulnerabilities The issues include a double free vulnerability, format string vulnerabilities, and integer overflows There is also a null termination issue in the security patch for BID 10384, potentially leading to a server crash Some of these issues may be leveraged ...

References

NVD-CWE-Otherhttp://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.htmlhttp://security.e-matters.de/advisories/092004.htmlftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.aschttp://www.securityfocus.com/bid/10499https://exchange.xforce.ibmcloud.com/vulnerabilities/16365https://nvd.nist.govhttps://www.exploit-db.com/exploits/24182/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook