12 matches found
cvs-brute NSE Script
Performs brute force password auditing against CVS pserver authentication. Script Arguments cvs-brute.repo string containing the name of the repository to brute if no repo was given the script checks the registry for any repositories discovered by the cvs-brute-repository script. If the registry...
CVS pserver Detection
This script retrieves the version of CVS pserver. SPDX-FileCopyrightText: 2009 Greenbone AG SPDX-FileCopyrightText: 2009 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...
CVS pserver version
Overview : This script retrieves the version of CVS pserver and saves the result in KB. OpenVAS Vulnerability Test $Id: cvspserverversion.nasl 5877 2017-04-06 09:01:48Z teissa $ CVS pserver version Detection Authors: Michael Meyer LSS Security Team Copyright: Copyright c 2009 Greenbone Networks...
Debian DSA-486-1 : cvs - several vulnerabilities
Two vulnerabilities have been discovered and fixed in CVS : - CAN-2004-0180 Sebastian Krahmer discovered a vulnerability whereby a malicious CVS pserver could create arbitrary files on the client system during an update or checkout operation, by supplying absolute pathnames in RCS diffs. -...
Debian DSA-422-1 : cvs - remote vulnerability
The account management of the CVS pserver which is used to give remote access to CVS repositories uses a CVSROOT/passwd file in each repository which contains the accounts and their authentication information as well as the name of the local unix account to use when a pserver account is used. Sin...
FreeBSD : SA-04:10.cvs
The remote host is running a version of FreeBSD which contains a heap overflow in the cvs pserver code. This flaw may be used by an attacker to execute arbitrary code on the remote host, provided that it's running a cvs pserver. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
FreeBSD-SA-04:10.cvs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:10.cvs Security Advisory The FreeBSD Project Topic: CVS pserver protocol parser errors Category: contrib Module: contribcvs Announced: 2004-05-19 Revised:...
DSA-486 cvs - several vulnerabilities
Bulletin has no description...
DSA-422 cvs - remote vulnerability
Bulletin has no description...
CVS: possible root compromise when using CVS pserver
Background CVS, which stands for Concurrent Versions System, is a client/server application which tracks changes to sets of files. It allows multiple users to work concurrently on files, and then merge their changes back into the main tree which can be on a remote system. It also allows branching...
CVS pserver Crafted Module Request Arbitrary File / Directory Creation
According to its version number, the CVS server running on the remote remote host may allow an attacker to create directories and possibly files at the root of the filesystem where the CVS repository is located. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11947;...
CVS pserver Detection
Concurrent Versions System CVS, an open source versioning system, is running on the remote port. The CVS server can be accessed either using third-party tools e.g., RSH or SSH or via the 'pserver' protocol, which is unencrypted. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...