Vulnerability Details : CVE-2004-0778

CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.

Published 2004-10-20 04:00:00

Updated 2017-10-11 01:29:33

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2004-0778

Probability of exploitation activity in the next 30 days: 95.67%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-0778

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2004-0778

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108
http://www.kb.cert.org/vuls/id/579225

Patch;Third Party Advisory;US Government Resource
http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities

Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688
http://www.securityfocus.com/bid/10955

Patch;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17001

Products affected by CVE-2004-0778

CVS » CVS » Version: 1.10.7
cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.10.8
cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.1
cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11
cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.2
cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.3
cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.4
cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.6
cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.5
cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.1 P1
cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.14
cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.15
cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.12.1
cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.12.2
cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.12.8
cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.16
cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.12.5
cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.12.7
cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.10
cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.11.11
cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*
Matching versions
CVS » CVS » Version: 1.10.6
cpe:2.3:a:cvs:cvs:1.10.6:*:*:*:*:*:*:*
Matching versions