[TriLUG] CVS remote vulnerability

Mark Turner markt at siteseers.net
Wed Jan 22 09:49:54 EST 2003


CVS has a remote vulnerability...

Concurrent Versions System (CVS) is the dominant open-source version
control software that allows developers to access the latest code using
a network connection. CVS version 1.11.4 and below contain a flaw that
can be used by a remote attacker to execute arbitrary code on the
server. 

http://security.e-matters.de/advisories/012003.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0015
http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51





More information about the TriLUG mailing list