38 matches found
EUVD-2003-0967
Malware in sbrugna...
EUVD-2006-3628
Malware in sbrugna...
Slackware Advisory SSA:2003-345-01 cvs security update
The remote host is missing an update as announced via advisory SSA:2003-345-01. OpenVAS Vulnerability Test $Id: esoftslkssa200334501.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Debian Security Advisory DSA 517-1 (cvs)
The remote host is missing an update to cvs announced via advisory DSA 517-1. OpenVAS Vulnerability Test $Id: deb5171.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 517-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
CVE-2006-3633
OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on the CVS server via shell metacharacters in a filename that is committed...
A CVS pserver is running
A CVS (Concurrent Versions System) server is installed, and it is configured to have its own password file, or use that of the system. This service starts as a daemon, listening on port TCP:port. SPDX-FileCopyrightText: 2005 SecuriTeam Some text descriptions might be excerpted from a referenced...
A CVS pserver is running
A CVS (Concurrent Versions System) server is installed, and it is configured to have its own password file, or use that of the system. This service starts as a daemon, listening on port TCP:port. Knowing that a CVS server is present on the system gives attackers additional information about the...
CVS file existence information disclosure weakness
The remote CVS server, according to its version number, can be exploited by malicious users to gain knowledge of certain system information. This behaviour can be exploited to determine the existence and permissions of arbitrary files and directories on a vulnerable system. OpenVAS Vulnerability...
DSA-715-1 cvs - several
Bulletin has no description...
Debian DSA-505-1 : cvs - heap overflow
Stefan Esser discovered a heap overflow in the CVS server, which serves the popular Concurrent Versions System. Malformed 'Entry' Lines in combination with Is-modified and Unchanged can be used to overflow malloced memory. This was proven to be exploitable. %NASLMINLEVEL 70300 C Tenable Network...
GLSA-200405-12 : CVS heap overflow vulnerability
The remote host is affected by the vulnerability described in GLSA-200405-12 CVS heap overflow vulnerability Stefan Esser discovered a heap overflow in the CVS server, which can be triggered by sending malicious 'Entry' lines and manipulating the flags related to that Entry. This vulnerability wa...
CVS Server Detection
Binary data 1898.prm...
CVS history.c File Existence Information Disclosure
The remote CVS server, according to its version number, can be exploited by malicious users to gain knowledge of certain system information. This behavior can be exploited to determine the existence and permissions of arbitrary files and directories on a vulnerable system. C Tenable Network...
Mandrake Linux Security Advisory : cvs (MDKSA-2003:009)
Two vulnerabilities were discovered by Stefan Esser in the cvs program. The first is an exploitable double free bug within the server, which can be used to execute arbitrary code on the CVS server. To accomplish this, the attacker must have an anonymous read-only login to the CVS server. The secon...
Fedora Core 1 : cvs-1.11.15-5 (2004-126)
Stefan Esser discovered a flaw in cvs where malformed 'Entry' lines could cause a heap overflow. An attacker who has access to a CVS server could use this flaw to execute arbitrary code under the UID which the CVS server is executing. The Common Vulnerabilities and Exposures project cve.mitre.org...
[SECURITY] [DSA 517-1] New CVS packages fix buffer overflow
Debian Security Advisory DSA 517-1 [email protected] http://www.debian.org/security/ Martin Schulze June 10th, 2004 http://www.debian.org/security/faq -...
DSA-517 cvs - buffer overflow
Bulletin has no description...
CVS heap overflow vulnerability
Background CVS (Concurrent Versions System) is an open-source network-transparent version control system. It contains both a client utility and a server. Description Stefan Esser discovered a heap overflow in the CVS server, which can be triggered by sending malicious "Entry" lines and manipulating...
[SECURITY] [DSA 505-1] New cvs packages fix remote exploit
Debian Security Advisory DSA 505-1 [email protected] http://www.debian.org/security/ Martin Schulze May 19th, 2004 http://www.debian.org/security/faq -...