29 matches found
CVE-2004-0396
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines...
security flaw
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines...
FreeBSD-SA-04:10.cvs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:10.cvs Security Advisory The FreeBSD Project Topic: CVS pserver protocol parser errors Category: contrib Module: contribcvs Announced: 2004-05-19 Revised:...
DSA-486 cvs - several vulnerabilities
Bulletin has no description...
DSA-422 cvs - remote vulnerability
Bulletin has no description...
CVS: possible root compromise when using CVS pserver
Background CVS, which stands for Concurrent Versions System, is a client/server application which tracks changes to sets of files. It allows multiple users to work concurrently on files, and then merge their changes back into the main tree which can be on a remote system. It also allows branching...
CVS pserver Crafted Module Request Arbitrary File / Directory Creation
According to its version number, the CVS server running on the remote remote host may allow an attacker to create directories and possibly files at the root of the filesystem where the CVS repository is located. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11947;...
FreeBSD-SA-03:01.cvs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:01.cvs Security Advisory The FreeBSD Project Topic: remotely exploitable vulnerability in cvs server Category: contrib Module: contribcvs Announced: 2003-02-04...
CVS pserver Detection
Concurrent Versions System CVS, an open source versioning system, is running on the remote port. The CVS server can be accessed either using third-party tools e.g., RSH or SSH or via the 'pserver' protocol, which is unencrypted. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...