CVE-2004-0417

EPSS 4.5%

Published: 8/6/2004Modified: 4/28/2026

Description

Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.

Affected packages (1)

Debian/cvsfrom 0, < 1:1.12.9-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0417