CVE

Id
42459  
CVE No.
CVE-2009-5024  
Status
Candidate  
Description
ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a "query revision history" request.  
Phase
Assigned (20101209)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
462874 42459 CVE-2009-5024 MLIST:[oss-security] 20110519 CVE Request: viewvc DoS  View
462875 42459 CVE-2009-5024 URL:http://openwall.com/lists/oss-security/2011/05/19/1  View
462876 42459 CVE-2009-5024 MLIST:[oss-security] 20110519 Re: CVE Request: viewvc DoS  View
462877 42459 CVE-2009-5024 URL:http://openwall.com/lists/oss-security/2011/05/19/9  View
462878 42459 CVE-2009-5024 CONFIRM:http://viewvc.tigris.org/issues/show_bug.cgi?id=433  View
462879 42459 CVE-2009-5024 CONFIRM:http://viewvc.tigris.org/source/browse/*checkout*/viewvc/tags/1.1.11/CHANGES  View
462880 42459 CVE-2009-5024 CONFIRM:http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/cvsdb.py?diff_format=u&view=log#rev2547  View
462881 42459 CVE-2009-5024 CONFIRM:http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/viewvc.py?diff_format=u&r1=2547&r2=2546&pathrev=2547  View
462882 42459 CVE-2009-5024 DEBIAN:DSA-2563  View
462883 42459 CVE-2009-5024 URL:http://www.debian.org/security/2012/dsa-2563  View
462884 42459 CVE-2009-5024 BID:47928  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
32927 JVNDB-2011-003167 Namazu におけるスタックベースのバッファオーバーフローの脆弱性 Namazu には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2009-5028 42459 7.5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003167.html  View