2 matches found
CVS Kit CVS Server 1.10.8 Instructed File Create Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1523/info The cvs client blindly trusts paths returned to it by the server. Therefore, a cvs client could be tricked into creating a file anywhere on the system by a malicious server. This problem can be tested yourself as...
CVS Kit CVS Server 1.10.8 Checkin.prog Binary Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1524/info A CVS committer can execute arbitrary binaries by using Checkin.prog. Usually CVS/Checkin.prog in a working directory is copied from CVSROOT/modules when the directory is checked out and it is sent back to the...