Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0778

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0778
Last Modified 21 Aug 2010 12:21:15
Published 20 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0778

Summary

CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.

Vulnerable Systems

Application

  • Cvs 1.10.6

  • Cvs 1.10.7

  • Cvs 1.10.8

  • Cvs 1.11

  • Cvs 1.11.1

  • Cvs 1.11.1 P1

  • Cvs 1.11.10

  • Cvs 1.11.11

  • Cvs 1.11.14

  • Cvs 1.11.15

  • Cvs 1.11.16

  • Cvs 1.11.2

  • Cvs 1.11.3

  • Cvs 1.11.4

  • Cvs 1.11.5

  • Cvs 1.11.6

  • Cvs 1.12.1

  • Cvs 1.12.2

  • Cvs 1.12.5

  • Cvs 1.12.7

  • Cvs 1.12.8


References

CERT-VN - VU#579225

XF - cvs-history-info-disclosure(17001)

BID - 10955

MANDRAKE - MDKSA-2004:108

IDEFENSE - 20040816 CVS Undocumented Flag Information Disclosure Vulnerability


Last Updated: 27 May 2016 10:38:45