Subject: cvs server buffer overflow vulnerability


Stefan Esser discovered a heap overflow in the CVS server that can be
exploited by clients sending malformed requests, enabling these clients to
run arbitrary code with the same privileges as the CVS server program.

CVE ID: CAN-2004-0396

The problem has been fixed in OpenBSD-current as well as the 3.5-stable
and 3.4-stable branches.

Patches are available from:
    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/007_cvs2.patch
    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/021_cvs2.patch

For more information, see:
    http://marc.theaimsgroup.com/?l=bugtraq&m=108498454829020&w=2
    http://ccvs.cvshome.org/servlets/NewsItemView?newsID=107