Vulnerability/
CVE-2004-1343

CVE-2004-1343: Medium severity distrotech cvs vulnerability

Published Dec 31, 2004

·

Updated

CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).

Affected Software

18 affected components

CVS CVS=1.11.14

CVS CVS=1.10.6

CVS CVS=1.11.1

CVS CVS=1.11

CVS CVS=1.11.4

CVS CVS=1.11.16

CVS CVS=1.11.5

CVS CVS=1.10.8

CVS CVS=1.11.15

CVS CVS=1.11.11

CVS CVS=1.11.6

CVS CVS=1.10

CVS CVS=1.11.3

CVS CVS=1.11.2

CVS CVS=1.11.10

CVS CVS=1.12

CVS CVS=1.10.7

CVS CVS=1.11.1_p1

Remediation

Patch Available

http://www.debian.org/security/2005/dsa-715

Event History

Dec 31, 2004

CVE Published

05:00 AM

Apr 27, 2005

CVE Published

via MITRE·04:00 AM

Data Sourced

via MITRE·04:00 AM

Description

Frequently Asked Questions

1

What is the severity of CVE-2004-1343?

CVE-2004-1343 has been classified as a denial of service vulnerability.

2

How do I fix CVE-2004-1343?

To fix CVE-2004-1343, upgrade to CVS version 1.12 or later.

3

Which versions of CVS are affected by CVE-2004-1343?

CVEs 1.10.x and 1.11.x versions of CVS prior to 1.12 are affected by CVE-2004-1343.

4

Can CVE-2004-1343 be exploited remotely?

Yes, CVE-2004-1343 can be exploited remotely to cause a denial of service.

5

What systems are impacted by CVE-2004-1343?

Debian GNU/Linux systems running CVS 1.12 and earlier are impacted by CVE-2004-1343.

CVSS Score

5.0Medium

Medium Severity

AV:N/AC:L/Au:N/C:N/I:N/A:P

Security Metrics

Risk Score26

Severitymedium(5)

CWE

NVD-CWE-Other

Timeline

PublishedDec 31, 2004

Updated

References

debian.org/security/2005/dsa-715

Tags

agent/typeagent/first-publish-dateagent/weaknessagent/severityagent/referencesagent/remedyagent/authoragent/descriptioncollector/mitre-cvesource/MITREagent/last-modified-dateagent/eventagent/sourcecollector/nvd-historicalagent/software-canonical-lookup-requestcollector/nvd-indexagent/tagsagent/softwarecombineagent/risk-scorevendor/cvscanonical/distrotech cvsversion/distrotech cvs/1.11.14version/distrotech cvs/1.10.6version/distrotech cvs/1.11.1version/distrotech cvs/1.11version/distrotech cvs/1.11.4version/distrotech cvs/1.11.16version/distrotech cvs/1.11.5version/distrotech cvs/1.10.8version/distrotech cvs/1.11.15version/distrotech cvs/1.11.11version/distrotech cvs/1.11.6version/distrotech cvs/1.10version/distrotech cvs/1.11.3version/distrotech cvs/1.11.2version/distrotech cvs/1.11.10version/distrotech cvs/1.12version/distrotech cvs/1.10.7version/distrotech cvs/1.11.1_p1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203