| VID |
21271 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The CVSWeb CGI, according to its version number, has an insecure perl "open" vulnerability. Henner Zeller CVSWeb is used to share programming source code and to browse the content of a CVS repository. The CVSWeb package version 1.85 and earlier could allow a remote attacker with write access to a CVS repository to cause the CGI program to execute arbitrary commands. The Perl code in the cvsweb.cgi program invokes an open() call insecurely. An attacker can create a file name containing shell metacharacters to execute the shell code on the affected system.
* References:
http://www.securityfocus.com/archive/1/69942
* Platforms Affected:
Henner Zeller CVSWeb 1.85 and earlier
UNIX Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of CVSWeb (1.86 or later), available from Hen's cvsweb CVS Repository at http://stud.fh-heilbronn.de/~zeller/cgi/cvsweb.cgi
For Mandrake Linux:
Upgrade to the latest version of CVSWeb (1.80-3 or later), as listed in MandrakeSoft Security Advisory MDKSA-2000:019 at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2000:019
For Debian GNU/Linux:
Upgrade to the latest version of CVSWeb, as listed in Debian Security Advisory 20000719b at http://www.debian.org/security/2000/20000719b
For other distributions:
Contact your vendor for patch or upgrade information. |
| Related URL |
CVE-2000-0670 (CVE) |
| Related URL |
1469 (SecurityFocus) |
| Related URL |
4925 (ISS) |
|
