CVE-2004-0778

CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnu:cvs:*:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cvs:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities - Broken Link, Vendor Advisory () http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities - Broken Link, Vendor Advisory
References () http://www.kb.cert.org/vuls/id/579225 - Patch, Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/579225 - Patch, Third Party Advisory, US Government Resource
References () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 - Broken Link () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 - Broken Link
References () http://www.securityfocus.com/bid/10955 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/bid/10955 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 - Third Party Advisory, VDB Entry
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 - Broken Link

14 Feb 2024, 15:07

Type Values Removed Values Added
CPE cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.10.6:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cvs:*:*:*:*:*:*:*:*
References (MANDRAKE) http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 - (MANDRAKE) http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 - Broken Link
References (BID) http://www.securityfocus.com/bid/10955 - Patch, Vendor Advisory (BID) http://www.securityfocus.com/bid/10955 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References (IDEFENSE) http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities - Vendor Advisory (IDEFENSE) http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities - Broken Link, Vendor Advisory
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 - Third Party Advisory, VDB Entry
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 - Broken Link
CWE NVD-CWE-Other CWE-203
First Time Gnu cvs
Gnu

Information

Published : 2004-10-20 04:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-0778

Mitre link : CVE-2004-0778

CVE.ORG link : CVE-2004-0778


JSON object : View

Products Affected

gnu

  • cvs
CWE
CWE-203

Observable Discrepancy