CVS Kit CVS Server 1.10.8 - 'Checkin.prog' Binary Execution

source: https://www.securityfocus.com/bid/1524/info A CVS committer can execute arbitrary binaries by using Checkin.prog. Usually CVS/Checkin.prog in a working directory is copied from CVSROOT/modules when the directory is "checkout"ed and it is sent back to the server and executed with committin...