CVE-2004-1343

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).

Affected (18)

Products: Cvs: Cvs

Cvs

1 product

Cvs

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Cvs Cvs	Version 1.10.6
Cvs Cvs	Version 1.10.7
Cvs Cvs	Version 1.10.8
Cvs Cvs	Version 1.10
Cvs Cvs	Version 1.11.10
Cvs Cvs	Version 1.11.11
Cvs Cvs	Version 1.11.14
Cvs Cvs	Version 1.11.15
Cvs Cvs	Version 1.11.16
Cvs Cvs	Version 1.11.1
Cvs Cvs	Version 1.11.1_p1
Cvs Cvs	Version 1.11.2
Cvs Cvs	Version 1.11.3
Cvs Cvs	Version 1.11.4
Cvs Cvs	Version 1.11.5
Cvs Cvs	Version 1.11.6
Cvs Cvs	Version 1.11
Cvs Cvs	Version 1.12

References (2)

http://www.debian.org/security/2005/dsa-715

Source: cve@mitre.org

PatchVendor Advisory

http://www.debian.org/security/2005/dsa-715

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.