CVE-2005-0753
Published 2005-04-18
CVE-2005-0753: Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
Priority P3 · 35 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 4.75% (90.7th percentile)
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | — | — |
| cvs | cvs | >= 0 < 1:1.12.9-13 | 1:1.12.9-13 |
| cvs | cvs | >= 0 < 1:1.12.9-13 | 1:1.12.9-13 |
| cvs | cvs | >= 0 < 1:1.12.9-13 | 1:1.12.9-13 |
| cvs | cvs | >= 0 < 1:1.12.9-13 | 1:1.12.9-13 |
| debian | cvs | < cvs 1:1.12.9-13 (bookworm) | cvs 1:1.12.9-13 (bookworm) |
CVSS provenance
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
osv · 7.5 HIGH
vendor_debian · 7.5 HIGH
vendor_redhat · 7.5 HIGH
GHSA
GHSA-m73f-6chm-3m86: Buffer overflow in CVS before 1
ghsa_unreviewed·2022-05-01
CVE-2005-0753 [HIGH] GHSA-m73f-6chm-3m86: Buffer overflow in CVS before 1
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
OSV
CVE-2005-0753: Buffer overflow in CVS before 1
osv·2005-04-18·CVSS 7.5
CVE-2005-0753 [HIGH] CVE-2005-0753: Buffer overflow in CVS before 1
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
Ubuntu
cvs vulnerability
vendor_ubuntu·2005-05-04
CVE-2005-0753 cvs vulnerability
Title: cvs vulnerability
Summary: cvs vulnerability
Alen Zukich discovered a buffer overflow in the processing of version
and author information in the CVS client. By tricking a user to
connect to a malicious CVS server, an attacker could exploit this to
execute arbitrary code with the privileges of the connecting user.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-04-18·CVSS 7.5
CVE-2005-0753 [HIGH] security flaw
security flaw
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
Debian
CVE-2005-0753: cvs - Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitra...
vendor_debian·2005·CVSS 7.5
CVE-2005-0753 [HIGH] CVE-2005-0753: cvs - Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitra...
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 1:1.12.9-13)
bullseye: resolved (fixed in 1:1.12.9-13)
forky: resolved (fixed in 1:1.12.9-13)
sid: resolved (fixed in 1:1.12.9-13)
trixie: resolved (fixed in 1:1.12.9-13)
No detection rules found.
No public exploits indexed.
References
http://bugs.gentoo.org/attachment.cgi?id=54352&action=view
http://secunia.com/advisories/14976/
http://www.debian.org/security/2005/dsa-742
http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml
http://www.novell.com/linux/security/advisories/2005_24_cvs.html
http://www.redhat.com/support/errata/RHSA-2005-387.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/20148
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688
Published: 2005-04-18