CVE-2004-1342: High severity CVS CVS vulnerability
Published Apr 27, 2005
·Updated
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
Affected Software
18 affected components
CVS CVS=1.10
CVS CVS=1.10.6
CVS CVS=1.10.7
CVS CVS=1.10.8
CVS CVS=1.11
CVS CVS=1.11.1
CVS CVS=1.11.1_p1
CVS CVS=1.11.2
CVS CVS=1.11.3
CVS CVS=1.11.4
CVS CVS=1.11.5
CVS CVS=1.11.6
CVS CVS=1.11.10
CVS CVS=1.11.11
CVS CVS=1.11.14
CVS CVS=1.11.15
CVS CVS=1.11.16
CVS CVS=1.12
Remediation
Patch Available
Event History
Apr 27, 2005
CVE Published
via MITRE·04:00 AM
Data Sourced
via MITRE·04:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2004-1342?
CVE-2004-1342 is considered to have a medium severity due to the potential for unauthorized access.
2
How do I fix CVE-2004-1342?
To fix CVE-2004-1342, it is recommended to upgrade CVS to a version newer than 1.12 that does not include the vulnerable repouid patch.
3
What versions of CVS are affected by CVE-2004-1342?
CVE-2004-1342 affects CVS versions 1.10 through 1.12 and certain earlier versions.
4
Can CVE-2004-1342 be exploited remotely?
Yes, CVE-2004-1342 allows remote attackers to bypass authentication using the pserver access method.
5
What specific access method is involved in CVE-2004-1342?
The specific access method involved in CVE-2004-1342 is the pserver access method used by CVS.