Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: General --> Category: infos

CVS malformed entry lines flaw Vulnerability Scan

Vulnerability Scan Summary
Logs into the remote CVS server and asks the version

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote CVS server is affected by multiple issues.

Description :

The remote CVS server, according to its version number, might allow an
attacker to execute arbitrary commands on the remote system because of
a flaw relating to malformed Entry lines which lead to a missing NULL

Among the issues deemed likely to be exploitable were:

- a double-free relating to the error_prog_name string (CVE-2004-0416)
- an argument integer overflow (CVE-2004-0417)
- out-of-bounds writes in serv_notify (CVE-2004-0418)

See also :

Solution :

Upgrade to CVS 1.12.9 or 1.11.17

Threat Level:

Medium / CVSS Base Score : 4

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.