EUVD-2010-1355

Malware in sbrugna...

CVSNT 2.0.51d Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor: ====================== www.march-hare.com www.wincvs.org cvsgui.sourceforge.net Product: ============== CVSNT v2.0.51d Is part of "WinCvs" install zip archive. The CVSNT Versioning System implements...

CVSNT 2.0.51d Privilege Escalation

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVSNT-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Vendor: ====================== www.march-hare.com www.wincvs.org cvsgui.sourceforge.net Product: ============== CVSNT...

KLA10098 Vulnerability in CVSNT

An unspecified vulnerability was found in CVSNT. By exploiting this vulnerability malicious users can bypass permission checks, modify directories and execute arbitrary code. This vulnerability can be exploited remotely via specially designed branching. Original advisories March Hare bulletin...

Debian Security Advisory DSA 2108-1 (cvsnt)

The remote host is missing an update to cvsnt announced via advisory DSA 2108-1. OpenVAS Vulnerability Test $Id: deb21081.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2108-1 cvsnt Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Debian: Security Advisory (DSA-2108-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cvsnt unauthorized access

Directory traversal via branch name...

[SECURITY] [DSA 2108-1] New cvsnt package fixes arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2108-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 14, 2010 http://www.debian.org/security/faq - -...

CVE-2010-1326

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and...

CVE-2010-1326

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and...

Design/Logic Flaw

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and...

CVE-2010-1326

CVE-2010-1326 affects CVSNT and related CVS Suite components from March Hare: versions 2.0.58, 2.5.01–2.5.03 (before builds 3736), 2.5.04 (before 2862), and CVS Suite 2008/2009 builds (before 3736/3729). The vulnerability allows remote attackers to bypass the permissions check, modify arbitrary m...

CVE-2010-1326

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and...

Debian DSA-2108-1 : cvsnt - programming error

It has been discovered that in cvsnt, a multi-platform version of the original source code versioning system CVS, an error in the authentication code allows a malicious, unprivileged user, through the use of a specially crafted branch name, to gain write access to any module or directory, includi...

[SECURITY] [DSA 2108-1] New cvsnt package fixes arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-2108-1 [email protected] http://www.debian.org/security/ Sébastien Delafond Sep 14, 2010 http://www.debian.org/security/faq - -...

DSA-2108-1 cvsnt - arbitrary code execution

Bulletin has no description...