remote code execution in cvs

2005-04-18T14:31:00
ID SUSE-SA:2005:024
Type suse
Reporter Suse
Modified 2005-04-18T14:31:00

Description

The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. The current maintainer of CVS reported various problems within CVS such as a buffer overflow and memory access problems which have been fixed within the available updates. The CVE project has assigned the CAN number CAN-2005-0753.

Solution

There is no easy workaround except shutting down the CVS server.