| VID | 23068 |
| Severity | 30 |
| Port | 2401 |
| Protocol | TCP |
| Class | CVS |
| Detailed Description | The CVS server, according to its version number, has a Piped Checkout Access Validation Vulnerability. CVS (Concurrent Versions System) is an open-source source code management and distribution system available for most Linux and Unix-based operating systems. Some versions of the CVS server allow a remote authenticated user to view arbitrary RCS (Revision Control System) files anywhere on the server, because the server does not sufficiently validate the path supplied to a piped checkout (a checkout run with -p, which writes the requested file to standard output instead of to a working copy on the client). A remote attacker could exploit this vulnerability by requesting relative pathnames that contain '../' directory traversal sequences.
* Note: This check relies solely on the version number reported by the remote CVS server, so the result may be a false positive (for example, when a vendor backports the fix without changing the reported version).
* References: http://www.securitytracker.com/alerts/2004/Apr/1009853.html
* Platforms Affected: CVS 1.10.7, 1.10.8; CVS 1.11, 1.11.1, 1.11.1p1, 1.11.2, 1.11.3, 1.11.4, 1.11.5, 1.11.6, 1.11.10, 1.11.11, 1.11.12, 1.11.13, 1.11.14; CVS 1.12.1, 1.12.2; Linux (any version); UNIX (any version) |
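Added example (not part of this advisory and not code from CVS): the first function reproduces the version-only test this check performs, using the fixed releases the recommendation names (1.11.15 stable, 1.12.7 development) and reporting "possibly vulnerable" rather than "vulnerable" because a banner alone cannot show a backported fix; the second function is the kind of server-side path validation the description says was missing, resolving the path requested for a piped checkout against the repository root and refusing anything that escapes it via '../'. The function names, the sample banner strings and the sample repository paths are assumptions made for the example; treating releases newer than 1.12 as fixed is also an assumption.

```python
"""Added example for the CVS piped checkout finding (CVE-2004-0405).

Not taken from the advisory or from CVS; names, banners and paths are
constructed for illustration.
"""
import os
import re

# Fixed releases named in the advisory's recommendation, keyed by branch.
FIXED = {
    (1, 11): (1, 11, 15),  # 1.11.x stable branch
    (1, 12): (1, 12, 7),   # 1.12.x development (feature) branch
}

# Matches '1.11.14' and the 'p'-suffixed form '1.11.1p1'.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse_cvs_version(banner: str):
    """Extract (major, minor, patch, plevel) from a CVS version banner.

    Returns None when no version is present so the caller can report
    "unknown" instead of guessing.
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def triage_cvs_version(banner: str) -> str:
    """Classify a reported CVS version against the fixed releases.

    Returns 'possibly vulnerable', 'fixed' or 'unknown'. The verdict is
    'possibly' on purpose: exactly as the advisory's note says, a version
    string cannot reveal a distribution that backported the fix.
    """
    v = parse_cvs_version(banner)
    if v is None:
        return "unknown"
    major, minor, patch, _ = v
    fixed = FIXED.get((major, minor))
    if fixed is None:
        # 1.10.x is listed as affected; anything newer than the 1.12 branch
        # is assumed (for this example) to carry the fix.
        return "possibly vulnerable" if (major, minor) < (1, 11) else "fixed"
    return "fixed" if (major, minor, patch) >= fixed else "possibly vulnerable"


def resolve_checkout_path(repo_root: str, requested: str):
    """Resolve a path requested for 'checkout -p' inside the repository root.

    Returns the absolute path when it stays inside repo_root, otherwise None.
    The decision is made on the normalised absolute path rather than by
    searching for a literal '../' substring, so 'a/../../etc/passwd' and an
    absolute path are both rejected, while 'a/../b' (which stays inside the
    repository) is still accepted.
    """
    root = os.path.abspath(repo_root)
    # Join, then normalise: abspath collapses every '..' component.
    candidate = os.path.abspath(os.path.join(root, requested))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:
        # Raised when the two paths cannot share a prefix (e.g. different
        # drives on Windows); treat that as outside the repository.
        inside = False
    return candidate if inside else None


if __name__ == "__main__":
    # Constructed sample banners and requests, not captured from a real server.
    for banner in ("CVS 1.11.14 (client/server)", "CVS 1.11.15", "CVS 1.12.2"):
        print(banner, "->", triage_cvs_version(banner))
    for req in ("module/file.c,v", "module/../../etc/passwd", "/etc/passwd"):
        print(req, "->", resolve_checkout_path("/srv/cvsroot", req))
```

Scanner output from the version test should be reconciled with a package-level check on the host (the installed package's changelog or the distributor's advisory) before the finding is closed, since the triage function can only say "possibly vulnerable".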
| Recommendation | Upgrade to a fixed version of CVS (1.11.15 on the stable branch, 1.12.7 on the development branch), available from the CVS Web site at http://ccvs.cvshome.org/servlets/ProjectDownloadList |
| Related URL | CVE-2004-0405 (CVE) |
| Related URL | 10140 (SecurityFocus) |
| Related URL | (ISS) |