[TriLUG] CVS remote vulnerability
Mark Turner
markt at siteseers.net
Wed Jan 22 09:49:54 EST 2003
CVS has a remote vulnerability...
Concurrent Versions System (CVS) is the dominant open-source version
control software that allows developers to access the latest code using
a network connection. CVS version 1.11.4 and below contain a flaw that
can be used by a remote attacker to execute arbitrary code on the
server.
http://security.e-matters.de/advisories/012003.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0015
http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51
More information about the TriLUG
mailing list