| Title |
CVS Malformed Entry Modified and Unchanged Flag Insertion Heap Overflow Vulnerability |
| Published |
2004-05-19-12:00AM |
| Updated |
2004-07-01-08:15PM |
| Class |
Boundary Condition Error |
| CVE |
CAN-2004-0396 |
| Remote |
Yes |
| Local |
No |
| Credit |
This issue was discovered by Stefan Esser <s.esser@ematters.de>. |
| Vulnerable |
NetBSD NetBSD 1.6.2
NetBSD NetBSD 1.6.1
NetBSD NetBSD 1.6
NetBSD NetBSD Current
Gentoo Linux 1.4
CVS CVS 1.12.7
CVS CVS 1.12.5
OpenPKG OpenPKG 2.0
CVS CVS 1.12.2
OpenPKG OpenPKG Current
CVS CVS 1.12.1
OpenPKG OpenPKG 1.3
CVS CVS 1.11.15
CVS CVS 1.11.14
MandrakeSoft Corporate Server 2.1
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Linux Mandrake 9.1
MandrakeSoft Linux Mandrake 9.1 ppc
MandrakeSoft Linux Mandrake 9.2
MandrakeSoft Linux Mandrake 9.2 amd64
MandrakeSoft Linux Mandrake 10.0
CVS CVS 1.11.11
CVS CVS 1.11.10
CVS CVS 1.11.6
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 9.0 x86_64
CVS CVS 1.11.5
OpenPKG OpenPKG 1.2
S.u.S.E. Linux Personal 8.2
CVS CVS 1.11.4
CVS CVS 1.11.3
CVS CVS 1.11.2
MandrakeSoft Linux Mandrake 9.0
RedHat Linux 8.0
RedHat Linux 8.0 i386
Slackware Linux 8.1
CVS CVS 1.11.1 p1
Debian Linux 3.0
Debian Linux 3.0 alpha
Debian Linux 3.0 arm
Debian Linux 3.0 hppa
Debian Linux 3.0 ia32
Debian Linux 3.0 ia64
Debian Linux 3.0 m68k
Debian Linux 3.0 mips
Debian Linux 3.0 mipsel
Debian Linux 3.0 ppc
Debian Linux 3.0 s/390
Debian Linux 3.0 sparc
OpenBSD OpenBSD 3.1
OpenBSD OpenBSD 3.2
OpenBSD OpenBSD 3.3
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD 3.5
RedHat Linux 6.2
RedHat Linux 6.2 i386
RedHat Linux 6.2 sparc
RedHat Linux 7.0
RedHat Linux 7.0 alpha
RedHat Linux 7.0 i386
RedHat Linux 7.0 sparc
RedHat Linux 7.1
RedHat Linux 7.1 alpha
RedHat Linux 7.1 i386
RedHat Linux 7.1 ia64
RedHat Linux 7.2
RedHat Linux 7.2 alpha
RedHat Linux 7.2 i386
RedHat Linux 7.2 ia64
RedHat Linux 7.3
RedHat Linux 7.3 i386
S.u.S.E. Linux 8.0
S.u.S.E. Linux 8.1
Wirex Immunix OS 7
Wirex Immunix OS 7.0
CVS CVS 1.11.1
Debian Linux 3.0
Debian Linux 3.0 alpha
Debian Linux 3.0 arm
Debian Linux 3.0 hppa
Debian Linux 3.0 ia32
Debian Linux 3.0 ia64
Debian Linux 3.0 m68k
Debian Linux 3.0 mips
Debian Linux 3.0 mipsel
Debian Linux 3.0 ppc
Debian Linux 3.0 s/390
Debian Linux 3.0 sparc
MandrakeSoft Linux Mandrake 8.1
MandrakeSoft Linux Mandrake 8.1 ia64
MandrakeSoft Linux Mandrake 8.2
MandrakeSoft Linux Mandrake 8.2 ppc
CVS CVS 1.11
Caldera OpenLinux Server 3.1
Caldera OpenLinux Server 3.1.1
Caldera OpenLinux Workstation 3.1
Caldera OpenLinux Workstation 3.1.1
Conectiva Linux 7.0
Conectiva Linux 8.0
MandrakeSoft Linux Mandrake 8.0
MandrakeSoft Linux Mandrake 8.0 ppc
CVS CVS 1.10.8
Conectiva Linux 6.0
MandrakeSoft Linux Mandrake 7.2
MandrakeSoft Single Network Firewall 7.2
CVS CVS 1.10.7
Debian Linux 2.2
Debian Linux 2.2 68k
Debian Linux 2.2 alpha
Debian Linux 2.2 arm
Debian Linux 2.2 IA32
Debian Linux 2.2 powerpc
Debian Linux 2.2 sparc
|
| Not Vulnerable |
CVS CVS 1.12.8
CVS CVS 1.11.16 |
| Code |
CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Symantec has confirmed successful exploitation of this vulnerability in the wild. The following exploit code has been published:
/data/vulnerabilities/exploits/cvs_linux_freebsd_HEAP.c
/data/vulnerabilities/exploits/cvs_solaris_HEAP.c
|