New Search

Malicious CVS Server RCS diff File Vulnerability in CVS Client

oval:org.mitre.oval:def:1042

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates a different vulnerability than CVE-2004-0405.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2004-0180
Product(s):