Horde Chora CVS Viewer diff Utility Arbitrary Command Execution

The remote server is running at least one instance of Chora version 1.2.1 or earlier. Such versions have a flaw in the diff viewer that enables a remote attacker to run arbitrary code with the permissions of the web user. %NASLMINLEVEL 70300 This script was written by George A. Theall, . See the...

[UNIX] Chora CVS/SVN Viewer Remote Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...