VID 23072
Severity 40
Port 2401
Protocol TCP
Class CVS
Detailed Description The CVS server, according to its version number, has multiple vulnerabilities.
CVS (Concurrent Versions System) is an open-source source code management and distribution system available for most Linux and Unix-based operating systems. CVS versions 1.11.x up to 1.11.16, and 1.12.x up to 1.12.8, could allow a remote attacker to execute arbitrary code on the affected host or cause the CVS service to crash.
Among the vulnerabilities deemed likely to be exploitable were:

- a flaw relating to malformed "Entry" lines (CAN-2004-0414)
- a double-free relating to the error_prog_name string (CAN-2004-0416)
- an argument integer overflow (CAN-2004-0417)
- out-of-bounds writes in serv_notify (CAN-2004-0418)

* Note: This check relies solely on the version number of the remote CVS server to assess this vulnerability, so the result might be a false positive.

* References:
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0215.html

* Platforms Affected:
CVS 1.11.x up to 1.11.16
CVS 1.12.x up to 1.12.8
Linux Any version
UNIX Any version
Recommendation Upgrade to a fixed version of CVS (1.11.17 or 1.12.9), available from the CVS Web site at http://ccvs.cvshome.org/servlets/ProjectDownloadList

For SuSE Linux:
Upgrade to the latest cvs package, as listed in SuSE Security Announcement SuSE-SA:2004:015 at http://www.suse.de/de/security/2004_15_cvs.html

For Red Hat Linux:
Upgrade to the latest version of cvs, as listed in Red Hat Security Advisory RHSA-2004:233-07 at http://www.redhat.com/support/errata/RHSA-2004-233.html

For other distributions:
Contact your vendor for patch or upgrade information.
Related URL CVE-2004-0414, CVE-2004-0416, CVE-2004-0417, CVE-2004-0418 (CVE)
Related URL (SecurityFocus)
Related URL 16364, 16365, 16366, 16367 (ISS)