CVS Malformed Entry Modified and Unchanged Flag Insertion Heap Overflow Vulnerability

CVS Malformed Entry Modified and Unchanged Flag Insertion Heap Overflow Vulnerability

References:

Advisory 07/2004 - CVS remote vulnerability (Stefan Esser)
CVS flag insertion heap exploit (CORE Security)
CVS Home Page (CVS)
cvs server buffer overflow vulnerability (Otto Moerbeek )
RHSA-2004:190-14 - Updated cvs package fixes security issue (RedHat)
TA04-147A CVS Heap Overflow Vulnerability (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus