CVS Unspecified Buffer Overflow And Memory Access Vulnerabilities
BID:13217
Info
| Bugtraq ID: | 13217 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2005-0753 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 18 2005 12:00AM |
| Updated: | Jul 12 2009 05:56PM |
| Credit: | Discovery of these issues is credited to Alen Zukich. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux 10 F... Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 SuSE SUSE Linux Enterprise Server 8 SuSE Linux Enterprise Server 9 SGI ProPack 3.0 S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SUSE CORE 9 for x86 S.u.S.E. Open-Enterprise-Server 9.0 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 Redhat Linux 9.0 i386 Redhat Linux 7.3 i686 Redhat Linux 7.3 i386 Redhat Linux 7.3 Redhat Fedora Core2 Redhat Fedora Core1 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux WS 2.1 IA64 Redhat Enterprise Linux WS 2.1 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux ES 2.1 IA64 Redhat Enterprise Linux ES 2.1 Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Enterprise Linux AS 2.1 IA64 Redhat Enterprise Linux AS 2.1 Redhat Desktop 4.0 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 IA64 Redhat Advanced Workstation for the Itanium Processor 2.1 Peachtree Linux release 1 OpenBSD OpenBSD 3.7 OpenBSD OpenBSD 3.6 OpenBSD OpenBSD 3.5 NetBSD NetBSD 2.0.2 NetBSD NetBSD 2.0.1 NetBSD NetBSD 2.0 Gentoo Linux FreeBSD FreeBSD 5.4 -RELEASE FreeBSD FreeBSD 5.4 -PRERELEASE FreeBSD FreeBSD 5.3 -STABLE FreeBSD FreeBSD 5.3 -RELENG FreeBSD FreeBSD 5.3 -RELEASE FreeBSD FreeBSD 5.3 FreeBSD FreeBSD 5.2.1 -RELEASE FreeBSD FreeBSD 5.2 -RELENG FreeBSD 
FreeBSD 5.2 -RELEASE FreeBSD FreeBSD 5.2 FreeBSD FreeBSD 5.1 -RELENG FreeBSD FreeBSD 5.1 -RELEASE/Alpha FreeBSD FreeBSD 5.1 -RELEASE-p5 FreeBSD FreeBSD 5.1 -RELEASE FreeBSD FreeBSD 5.1 FreeBSD FreeBSD 5.0 -RELENG FreeBSD FreeBSD 5.0 -RELEASE-p14 FreeBSD FreeBSD 5.0 alpha FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.11 -STABLE FreeBSD FreeBSD 4.11 -RELENG FreeBSD FreeBSD 4.11 -RELEASE-p3 FreeBSD FreeBSD 4.10 -RELENG FreeBSD FreeBSD 4.10 -RELEASE-p8 FreeBSD FreeBSD 4.10 -RELEASE FreeBSD FreeBSD 4.10 FreeBSD FreeBSD 4.9 -RELENG FreeBSD FreeBSD 4.9 -PRERELEASE FreeBSD FreeBSD 4.9 FreeBSD FreeBSD 4.8 -RELENG FreeBSD FreeBSD 4.8 -RELEASE-p7 FreeBSD FreeBSD 4.8 -PRERELEASE FreeBSD FreeBSD 4.8 FreeBSD FreeBSD 4.7 -STABLE FreeBSD FreeBSD 4.7 -RELENG FreeBSD FreeBSD 4.7 -RELEASE-p17 FreeBSD FreeBSD 4.7 -RELEASE FreeBSD FreeBSD 4.7 FreeBSD FreeBSD 4.6.2 FreeBSD FreeBSD 4.6 -STABLE FreeBSD FreeBSD 4.6 -RELENG FreeBSD FreeBSD 4.6 -RELEASE-p20 FreeBSD FreeBSD 4.6 -RELEASE FreeBSD FreeBSD 4.6 FreeBSD FreeBSD 4.5 -STABLEpre2002-03-07 FreeBSD FreeBSD 4.5 -STABLE FreeBSD FreeBSD 4.5 -RELENG FreeBSD FreeBSD 4.5 -RELEASE-p32 FreeBSD FreeBSD 4.5 -RELEASE FreeBSD FreeBSD 4.5 FreeBSD FreeBSD 4.4 -STABLE FreeBSD FreeBSD 4.4 -RELENG FreeBSD FreeBSD 4.4 -RELENG FreeBSD FreeBSD 4.4 -RELEASE-p42 FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.3 -STABLE FreeBSD FreeBSD 4.3 -RELENG FreeBSD FreeBSD 4.3 -RELEASE-p38 FreeBSD FreeBSD 4.3 -RELEASE FreeBSD FreeBSD 4.3 FreeBSD FreeBSD 4.2 -STABLEpre122300 FreeBSD FreeBSD 4.2 -STABLEpre050201 FreeBSD FreeBSD 4.2 -STABLE FreeBSD FreeBSD 4.2 -RELEASE FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.1.1 -STABLE FreeBSD FreeBSD 4.1.1 -RELEASE FreeBSD FreeBSD 4.1.1 FreeBSD FreeBSD 4.1 FreeBSD FreeBSD 4.0 .x FreeBSD FreeBSD 4.0 -RELENG FreeBSD FreeBSD 4.0 alpha FreeBSD FreeBSD 4.0 FreeBSD FreeBSD 4.10-PRERELEASE Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 
ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 CVS CVS 1.12.11 CVS CVS 1.12.10 CVS CVS 1.12.9 CVS CVS 1.12.8 CVS CVS 1.12.7 CVS CVS 1.12.5 CVS CVS 1.12.2 CVS CVS 1.12.1 CVS CVS 1.11.19 CVS CVS 1.11.17 CVS CVS 1.11.16 CVS CVS 1.11.15 CVS CVS 1.11.14 CVS CVS 1.11.11 CVS CVS 1.11.10 CVS CVS 1.11.6 CVS CVS 1.11.5 CVS CVS 1.11.1 p1 |
| Not Vulnerable: | NetBSD NetBSD 2.0.3 |
Discussion
CVS is prone to unspecified buffer overflow, memory access vulnerabilities, and a NULL pointer dereference denial of service.
It is conjectured that the issues may be leveraged by a remote authenticated user to disclose regions of the CVS process memory, and to corrupt CVS process memory. The two issues combined may lead to a remote attacker reliably executing arbitrary code in the context of the vulnerable process, although this is not confirmed.
This BID will be updated as soon as further information is made available.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Conectiva has released advisory CLSA-2005:966 along with fixes dealing with these issues. Please see the referenced advisory for more information.
Turbolinux has released advisory TLSA-2005-51 along with fixes dealing with this issue. Please see the referenced advisory for more information.
Peachtree Linux has released an advisory (PLSN-0005) and updates to address these issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
Red Hat has released advisory RHSA-2005:387-06 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see the referenced advisory for additional information.
FreeBSD has released an advisory (FreeBSD-SA-05:05.cvs) and updates to address these issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
SuSE has released an advisory (SUSE-SA:2005:024) and updates to address these issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
Gentoo has re-released their advisory (GLSA 200504-16:02) and an updated eBuild to address this vulnerability. The original fixes did not address a number of vulnerabilities. Gentoo users that are running the affected software may apply the update by issuing the following sequence of commands as a superuser:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-util/cvs-1.11.20"
RedHat Fedora has released advisory FEDORA-2005-330 along with fixes dealing with this issue. For more information, please see the reference section.
Mandriva has released advisory MDKSA-2005:073 to address this issue. Please see the attached advisory for further information on obtaining and applying fixes.
Trustix has released advisory TSLSA-2005-0013 to address this issue. Please see the attached advisory for further information on obtaining and applying fixes.
OpenBSD has released advisories and patches dealing with these issues. Please see the reference section for more information.
Ubuntu Linux has released advisory USN-117-1 to address this issue. Please see the referenced advisory for further information.
SGI has released an advisory 20050501-01-U including updated SGI ProPack 3 Service Pack 5 packages to address this BID and other issues. Please see the referenced advisory for more information.
The Fedora Legacy project has released advisory FLSA:155508 to address this issue in RedHat Linux 7.3, 9, and Fedora Core 1 and 2. Please see the referenced advisory for further information.
OpenBSD has released a patch to address this issue in OpenBSD 3.7.
Debian has released advisory DSA 742-1 addressing this issue. Please see the referenced advisory for further information.
Debian has released security advisory DSA 773-1 addressing several issues for their AMD64 port of the operating system. Please see the referenced advisory for further information.
NetBSD has released version 2.0.3 of their operating system addressing this and other issues. Please see the referenced advisory for further information.
OpenBSD OpenBSD 3.5
- OpenBSD 033_cvs4.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/033_cvs4.patch
CVS CVS 1.11.11
- Mandriva cvs-1.11.17-1.2.100mdk.amd64.rpm
  Mandrake Linux 10.0/AMD64
  http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva cvs-1.11.17-1.2.100mdk.i586.rpm
  Mandrake Linux 10.0
  http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva cvs-1.11.17-1.2.C30mdk.i586.rpm
  Mandrake Corporate Server 3.0
  http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva cvs-1.11.17-1.2.C30mdk.x86_64.rpm
  Mandrake Corporate Server 3.0/x86_64
  http://www1.mandrivalinux.com/en/ftp.php3
CVS CVS 1.11.14
- SuSE cvs-1.11.14-24.10.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cvs-1.11.14-24.10.i586.rpm
- SuSE cvs-1.11.14-24.10.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cvs-1.11.14-24.10.x86_64.rpm
CVS CVS 1.11.17
- Fedora cvs-1.11.17-6.FC3.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora cvs-1.11.17-6.FC3.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora cvs-debuginfo-1.11.17-6.FC3.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora cvs-debuginfo-1.11.17-6.FC3.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Mandriva cvs-1.11.17-2.1.101mdk.i586.rpm
  Mandrake Linux 10.1
  http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva cvs-1.11.17-2.1.101mdk.x86_64.rpm
  Mandrake Linux 10.1/x86_64
  http://www1.mandrivalinux.com/en/ftp.php3
CVS CVS 1.11.19
- Mandriva cvs-1.11.19-1.1.102mdk.i586.rpm
  Mandrake Linux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva cvs-1.11.19-1.1.102mdk.x86_64.rpm
  Mandrake Linux 10.2/x86_64
  http://www1.mandrivalinux.com/en/ftp.php3
CVS CVS 1.11.6
- SuSE cvs-1.11.6-85.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cvs-1.11.6-85.i586.rpm
- SuSE cvs-1.11.6-85.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cvs-1.11.6-85.x86_64.rpm
CVS CVS 1.12.11
- SuSE cvs-1.12.11-4.2.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/cvs-1.12.11-4.2.i586.rpm
- SuSE cvs-1.12.11-4.2.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.3/rpm/x86_64/cvs-1.12.11-4.2.x86_64.rpm
- SuSE cvs-1.12.9-2.2.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/cvs-1.12.9-2.2.x86_64.rpm
References
References:
- 001: SECURITY FIX: June 7, 2005 (OpenBSD)
- 002: SECURITY FIX: May 5, 2004 (OpenBSD)
- 016: SECURITY FIX: April 28, 2005 - CVS (OpenBSD)
- CLSA-2005:966 : cvs (Conectiva)
- CVS Home Page (CVS)
- RHSA-2005:387-06 - cvs security update (RedHat)