CVE-2004-0418

Impact:
Important
Public Date:
2004-06-09
Bugzilla:
1617202: CVE-2004-0418 security flaw

The MITRE CVE dictionary describes this issue as:

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

Find out more about CVE-2004-0418 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (cvs) RHSA-2004:233 2004-06-09
Red Hat Enterprise Linux 2.1 (cvs) RHSA-2004:233 2004-06-09

Acknowledgements

Red Hat would like to thank Stefan Esser and Sebastian Krahmer for auditing, disclosing, and providing a patch for this issue.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.