Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Tenable Nessus
Tenable Nessusadded 2004/07/31 12:0 a.m.27 views

Mandrake Linux Security Advisory : cvs (MDKSA-2004:028)

Sebastian Krahmer from the SUSE security team discovered a remotely exploitable vulnerability in the CVS client. When doing a cvs checkout or update over a network, the client accepts absolute pathnames in the RCS diff files. A maliciously configured server could then create any file with content...

2.6CVSS5.4AI score0.04165EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2004/07/23 12:0 a.m.15 views

Fedora Core 1 : cvs-1.11.15-1 (2004-110)

The client for CVS before 1.11.15 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates. Updated packages were made available in April 2004 however the original update notification email did not make it ...

5.7AI score
Exploits0References1
UbuntuCve
UbuntuCveadded 2004/06/01 4:0 a.m.37 views

CVE-2004-0180

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6CVSS6.1AI score0.04165EPSS
Exploits0References1
NVD
NVDadded 2004/06/01 4:0 a.m.12 views

CVE-2004-0180

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6CVSS6.5AI score0.04165EPSS
Exploits0References23
Debian CVE
Debian CVEadded 2004/04/16 4:0 a.m.27 views

CVE-2004-0180

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6CVSS6.5AI score0.04165EPSS
Exploits0
Cvelist
Cvelistadded 2001/01/22 5:0 a.m.17 views

CVE-2000-0679

The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files...

6.7AI score0.00942EPSS
Exploits1References2
NVD
NVDadded 2000/10/20 4:0 a.m.13 views

CVE-2000-0679

The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files...

2.1CVSS6.7AI score0.00942EPSS
Exploits1References2
exploitpack
exploitpackadded 2000/07/28 12:0 a.m.11 views

CVS Kit CVS Server 1.10.8 - Instructed File Create

CVS Kit CVS Server 1.10.8 - Instructed File Create source: https://www.securityfocus.com/bid/1523/info The cvs client blindly trust paths returned to it by the server. Therefore, a cvs client could be tricked into creating a file anywhere on the system by a malicious server. This problem can be...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2000/07/28 12:0 a.m.26 views

CVS Kit CVS Server 1.10.8 - Instructed File Create

source: https://www.securityfocus.com/bid/1523/info The cvs client blindly trust paths returned to it by the server. Therefore, a cvs client could be tricked into creating a file anywhere on the system by a malicious server. This problem can be tested yourself as follows. Although this example ru...

7.4AI score
Exploits0
Rows per page
Query Builder