VID 23071
Severity 40
Port 2401
Protocol TCP
Class CVS
Detailed Description The CVS server, according to its version number, has a heap-based buffer overflow vulnerability.
CVS (Concurrent Versions System) is an open-source source code management and distribution system available for most Linux and Unix-based operating systems. CVS versions 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, could allow a remote attacker to execute arbitrary code on the affected host because malformed "Entry" lines are not properly validated. An attacker with access to a CVS server could use this vulnerability to execute arbitrary code under the UID as which the CVS server process is running.

* Note: This check relies solely on the version number reported by the remote CVS server to assess this vulnerability, so it may produce a false positive (for example, against a vendor-patched package that still reports an affected upstream version).
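The version comparison behind such a check, as an added illustration that is not part of this advisory: it parses the version string a CVS server reports, compares it against the fixed releases named on this page (1.11.16 and 1.12.8), and flags anything older on the 1.11 or 1.12 branch. The sample banner below is constructed for the example; the regular expression that extracts the version from it is an assumption about the banner format, not something the advisory specifies. Comparing numeric tuples rather than strings avoids misclassifying, say, 1.12.10 as older than 1.12.8.

```python
import re
from typing import Optional, Tuple

# First non-vulnerable release on each affected branch, per the advisory text.
FIXED_ON_BRANCH = {
    (1, 11): (1, 11, 16),
    (1, 12): (1, 12, 8),
}

# Constructed sample of the one-line version string a CVS server may report.
# The exact banner format is assumed for this example.
SAMPLE_BANNER = "Concurrent Versions System (CVS) 1.11.15 (client/server)"

_VERSION_RE = re.compile(r"\b(\d+\.\d+\.\d+(?:p\d+)?)\b")


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '1.11.15' or '1.11.1p1' into a comparable tuple of ints.

    Patch-level suffixes such as 'p1' are dropped: the advisory lists
    affected ranges by the three numeric components only.
    """
    core = text.split("p", 1)[0]
    parts = tuple(int(p) for p in core.split("."))
    if len(parts) != 3:
        raise ValueError(f"unexpected CVS version format: {text!r}")
    return parts


def is_affected(version: str) -> bool:
    """True if the version falls inside an affected range named on this page.

    Versions on branches the advisory does not list (e.g. 1.10.x or 1.13+)
    are reported as not affected by this particular check.
    """
    parsed = parse_version(version)
    fixed = FIXED_ON_BRANCH.get(parsed[:2])
    if fixed is None:
        return False
    # Tuple comparison is numeric per component; a string comparison would
    # wrongly place "1.12.10" before "1.12.8".
    return parsed < fixed


def classify_banner(banner: str) -> Optional[Tuple[str, bool]]:
    """Extract the version from a server banner and classify it.

    Returns (version_string, affected) or None if no version is found,
    so a missing or unexpected banner is never silently treated as safe.
    """
    match = _VERSION_RE.search(banner)
    if not match:
        return None
    version = match.group(1)
    return version, is_affected(version)


if __name__ == "__main__":
    for v in ("1.11.15", "1.11.16", "1.12.7", "1.12.8", "1.12.10"):
        print(f"{v:8s} affected={is_affected(v)}")
    print(classify_banner(SAMPLE_BANNER))
```

Because this logic only looks at the reported version, it inherits the limitation described in the note above: a distribution package that backports the fix while keeping the upstream version string will still be flagged, which is why the vendor advisories listed under Recommendation should be consulted before treating a hit as confirmed.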

* References:
http://security.e-matters.de/advisories/072004.html

* Platforms Affected:
CVS 1.11.x up to 1.11.15
CVS 1.12.x up to 1.12.7
Linux Any version
UNIX Any version
Recommendation Upgrade to a fixed version of CVS (1.11.16 or 1.12.8), available from the CVS Web site at http://ccvs.cvshome.org/servlets/ProjectDownloadList

For SuSE Linux:
Upgrade to the latest cvs package, as listed in SuSE Security Announcement SuSE-SA:2004:013 at http://www.suse.com/de/security/2004_13_cvs.html

For FreeBSD:
Upgrade to the latest version of CVS, as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-04:10 at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc

For Red Hat Linux 9:
Upgrade to the latest version of cvs, as listed in Red Hat Security Advisory RHSA-2004:190-14 at http://www.redhat.com/support/errata/RHSA-2004-190.html

For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest cvs package, as listed in Debian Security Advisory DSA-505-1 at http://www.debian.org/security/2004/dsa-505

For other distributions:
Contact your vendor for patch or upgrade information.
Related URL CVE-2004-0396 (CVE)
Related URL 10384 (SecurityFocus)
Related URL (ISS)