Lucene search
K

4 matches found

securityvulns
securityvulns
added 2010/09/17 12:0 a.m.50 views

[SECURITY] [DSA 2108-1] New cvsnt package fixes arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2108-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 14, 2010 http://www.debian.org/security/faq - -...

9.3CVSS0.8AI score0.0515EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2010/09/15 6:0 p.m.24 views

CVE-2010-1326

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and...

9.3CVSS6.2AI score0.0515EPSS
Exploits0References1
CVE
CVE
added 2010/09/15 5:26 p.m.56 views

CVE-2010-1326

CVE-2010-1326 affects CVSNT and related CVS Suite components from March Hare: versions 2.0.58, 2.5.01–2.5.03 (before builds 3736), 2.5.04 (before 2862), and CVS Suite 2008/2009 builds (before 3736/3729). The vulnerability allows remote attackers to bypass the permissions check, modify arbitrary m...

9.3CVSS7.5AI score0.0515EPSS
Exploits0References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2010/09/15 12:0 a.m.27 views

Debian DSA-2108-1 : cvsnt - programming error

It has been discovered that in cvsnt, a multi-platform version of the original source code versioning system CVS, an error in the authentication code allows a malicious, unprivileged user, through the use of a specially crafted branch name, to gain write access to any module or directory, includi...

9.3CVSS5.7AI score0.0515EPSS
Exploits0References3
Rows per page
Query Builder