RHSA-2004:004 Red Hat Security Advisory: cvs security update

Bulletin has no description...

CVS Repository Detected

The web server on the remote host allows read access to files within a 'CVSROOT' directory exposing files tracked inside. This potential flaw can be used to access content from the web server that might otherwise be private & permit download of the source code of listed pages hosted on the remote...

cvs security update

1.11.23-11.el60.1 - Fix CVE-2010-3846 Resolves: 644813...

SuSE-SA:2004:008: cvs

The remote host is missing the patch for the advisory SuSE-SA:2004:008 cvs. The Concurrent Versions System CVS offers tools which allow developers to share and maintain large software projects. During the analyzation of the CVS protocol and their implementation, the SuSE Security Team discovered ...

RHEL 2.1 / 3 : cvs (RHSA-2004:190)

An updated cvs package that fixes a server vulnerability that could be exploited by a malicious client is now available. CVS is a version control system frequently used to manage source code repositories. Stefan Esser discovered a flaw in cvs where malformed 'Entry' lines could cause a heap...

CVS - Remote Entry Line Root Heap Overflow

CVS - Remote Entry Line Root Heap Overflow include include include include include include include include include include include include include include define CVSPORT 2401 define RET 0xffbffd20 define NOP 0x82102017 define ROUNDs if s % wordsize s += wordsize - s % wordsize unsigned char root;...

Critical: Red Hat Security Advisory: cvs security update

An updated cvs package that fixes several server vulnerabilities, which could be exploited by a malicious client, is now available. CVS is a version control system frequently used to manage source code repositories. While investigating a previously fixed vulnerability, Derek Price discovered a fl...

Critical: Red Hat Security Advisory: cvs security update

An updated cvs package that fixes a server vulnerability that could be exploited by a malicious client is now available. CVS is a version control system frequently used to manage source code repositories. Stefan Esser discovered a flaw in cvs where malformed "Entry" lines could cause a heap...

cvs security update

CVS is a client/server version control system. As a server, it is used to host source code repositories. As a client, it is used to access such repositories. This advisory affects both uses of CVS. A security problem which could allow a server to create arbitrary files on a client machine, and...

Moderate: Red Hat Security Advisory: cvs security update

Updated cvs packages that fix a client vulnerability that could be exploited by a malicious server are now available. Updated Apr 19 2004 The description text has been updated to include CAN-2004-0405 which was also fixed but not mentioned when this advisory was first released. There has been no...

Low: Red Hat Security Advisory: cvs security update

Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available. CVS is a version control system frequently used to manage source code repositories. A flaw was found in versions of CVS prior to 1.11.10 where a...

Low: Red Hat Security Advisory: : Updated CVS packages fix minor security issue

Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available. CVS is a version control system frequently used to manage source code repositories. A flaw was found in versions of CVS prior to 1.11.10 where a...

[slackware-security] cvs security update

CVS is a client/server version control system. As a server, it is used to host source code repositories. As a client, it is used to access such repositories. This advisory deals with the use of CVS as a server. A security problem which could allow an attacker to create directories and possibly...

CVS: malformed module request vulnerability

Background CVS, which stands for Concurrent Versions System, is a client/server application which tracks changes to sets of files. It allows multiple users to work concurrently on files, and then merge their changes back into the main tree which can be on a remote system. It also allows branching...

Critical: Red Hat Security Advisory: : : : Updated CVS packages available

Updated cvs packages are now available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0. These updates close a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 16 April 2003 Added packages for Red Hat Linux on IBM...

Critical: Red Hat Security Advisory: cvs security update

Updated CVS packages are now available for Red Hat Linux Advanced Server. These updates fix a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 CVS is a...

cvs security problem

I found two security problems in cvs-1.10.8. 1 A committer can execute any binary in server using CVS/Checkin.prog or CVS/Update.prog. A committer can execute arbitrary binary on a cvs server using Checkin.prog. Usually CVS/Checkin.prog in a working directory is copied from CVSROOT/modules when t...