|
Family: CGI abuses --> Category: infos
ViewCVS HTTP Response Splitting Vulnerability Scan
Vulnerability Scan Summary viewcvs flaw
Detailed Explanation for this Vulnerability Test
The remote host is running ViewCVS, a tool to browse CVS repositories over
the web written in python.
There is a flaw in the remote version of this web site which may allow
a possible hacker to use the remote site thru an HTTP response splitting attack
to steal the credentials of third-party users.
Solution : Upgrade to ViewCVS 1.0.0 or newer
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|