Slackware Advisory SSA:2004-108-02 Cvs Security Update Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-108-02.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-108-02

Insight

CVS is a client/server version control system. As a server, it is used to host source code repositories. As a client, it is used to access such repositories. This advisory affects both uses of CVS. A security problem which could allow a server to create arbitrary files on a client machine, and another security problem which may allow a client to view files outside of the CVS repository have been fixed with the release of cvs-1.11.15. Any sites running CVS should upgrade to the new CVS package.

Severity

Classification

CVE CVE-2004-0180, CVE-2004-0405
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Slackware Advisory SSA:2006-200-01 Samba 2.0.23 repackaged
Slackware Advisory SSA:2005-278-01 Thunderbird email client
Slackware Advisory SSA:2005-310-04 apache
Slackware Advisory SSA:2007-230-01 tcpdump
Slackware Advisory SSA:2006-178-02 gnupg DoS

Slackware Advisory SSA:2004-108-02 cvs security update

Take action and discover your vulnerabilities