Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA605] DSA-605-1 viewcvs Vulnerability Scan

Vulnerability Scan Summary
DSA-605-1 viewcvs

Detailed Explanation for this Vulnerability Test

Haris Sehic discovered several vulnerabilities in viewcvs, a utility
for viewing CVS and Subversion repositories via HTTP. When exporting
a repository as a tar archive the hide_cvsroot and forbidden settings
were not honoured enough.
When upgrading the package for woody, please make a copy of your
/etc/viewcvs/viewcvs.conf file if you have manually edited this file.
Upon upgrade the debconf mechanism may alter it in a way so that
viewcvs doesn't understand it anymore.
For the stable distribution (woody) these problems have been fixed in
version 0.9.2-4woody1.
For the unstable distribution (sid) these problems have been fixed in
We recommend that you upgrade your viewcvs package.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.