Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:048: cvs Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cvs package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:048 (cvs).
Stefan Esser discovered that malformed 'Entry' lines in combination with
Is-modified and Unchanged can be used to overflow malloc()ed memory in a way
that can be remotely exploited.
The updated packages contain a patch to correct the problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:048
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.