pkg:Debian/cvs

All known vulnerabilities

• HIGH7.8CVE-2002-0844Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
  from 0, < 1:1.11.2
• HIGH7.5CVE-2017-12836cvs - security update
  from 0, < 2:1.12.13+real-24
• HIGH7.5CVE-2017-12836cvs - security update
  from 0, < 2:1.12.13+real-9+deb7u1
• HIGH7.5CVE-2017-12836cvs - security update
  from 0, < 2:1.12.13+real-15+deb8u1
• —cvs - heap overflow
  from 0, < 2:1.12.13+real-7
• —cvs - heap overflow
  from 0, < 1:1.12.13-12+squeeze1
• —gcvs - insecure temporary files
  from 0, < 1.11.1p1debian-13
• —gcvs - insecure temporary files
  from 0, < 1:1.11.5-4
• —cvs - several
  from 0, < 1.11.1p1debian-10
• —cvs - several
  from 0, < 1:1.12.9-12
• —cvs - buffer overflow
  from 0, < 1:1.12.9-13
• —cvs - buffer overflow
  from 0, < 1.11.1p1debian-12
• —Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT comm…
  from 0, < 1:1.12.9
• —CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repou…
  from 0, < 1:1.12.9-12
• —CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories…
  from 0, < 1:1.12.9
• —Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may…
  from 0, < 1:1.12.9-1
• —cvs - buffer overflow
  from 0, < 1:1.12.9-1
• —serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote at…
  from 0, < 1:1.12.9-1
• —cvs - buffer overflow
  from 0, < 1.11.1p1debian-9woody6
• —cvs - several vulnerabilities
  from 0, < 1:1.12.9-1
• —cvs - several vulnerabilities
  from 0, < 1.11.1p1debian-9woody7
• —cvs - heap overflow
  from 0, < 1:1.12.5-6
• —cvs - heap overflow
  from 0, < 1.11.1p1debian-9woody4
• —cvs - several vulnerabilities
  from 0, < 1:1.12.5-4
• —CVS before 1.11 allows CVS clients to read arbitrary files via ..
  from 0, < 1:1.12.5-4
• —cvs - several vulnerabilities
  from 0, < 1.11.1p1debian-9woody2
• —CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via…
  from 0, < 1:1.11.10
• —cvs - doubly freed memory
  from 0, < 1.11.2-5.1
• —cvs - doubly freed memory
  from 0, < 1.11.1p1debian-8.1