CVS v1.11.4 and below contains a double free bug which allows attackers with read access to execute code on the server by sending a malformed directory name. By default, CVS runs with root privileges. Patch available here.
cf1e29270d759e81797059b571c99eff0c58d3aa9fffcdeb234d72fc4c3a22a7Vulnerabilities in Your Code Part II - Format string vulnerabilities and exploitation. Shows the exact location of the vulnerabilities, providing detailed explanations and exploits for each one found.
8c24f5e7710930cc45684d33d0daebaf7d08df845a23878ef36b0304e4c5c79fCERT Advisory CA-2003-02 - Systems running CVS Home project versions of CVS prior to 1.11.5 allow non-authenticated remote attackers with read only access to execute arbitrary code. Vendor status information available here.
17de6d4fcd37cb08a404a427065be676f4b3066c9a1c51f006c3a279d9291e05iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.
7176f37ea45e1920e9e214222d1b7446b1bb27eb36daf186f9b7edeb3b38a417
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed