Family: Ubuntu Local Security Checks --> Category: infos
USN117-1 : cvs vulnerability Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
The remote package "cvs" is missing a security patch.
Alen Zukich discovered a buffer overflow in the processing of version
and author information in the CVS client. By tricking an user to
connect to a malicious CVS server, a possible hacker could exploit this to
execute arbitrary code with the rights of the connecting user.
Upgrade to :
- cvs-1.12.9-9ubuntu0.1 (Ubuntu 4.10)
- cvs-1.12.9-9ubuntu0.1 (Ubuntu 5.04)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.