CVS Kit CVS Server 1.10.8 - Instructed File Create
source: https://www.securityfocus.com/bid/1523/info The cvs client blindly trust paths returned to it by the server. Therefore, a cvs client could be tricked into creating a file anywhere on the system by a malicious server. This problem can be tested yourself as follows. Although this example ru...