|
Family: Debian Local Security Checks --> Category: infos
[DSA802] DSA-802-1 cvs Vulnerability Scan
Vulnerability Scan Summary DSA-802-1 cvs
Detailed Explanation for this Vulnerability Test
Marcus Meissner discovered that the cvsbug program from CVS, which
serves the popular Concurrent Versions System, uses temporary files in
an insecure fashion.
For the old stable distribution (woody) this problem has been fixed in
version 1.11.1p1debian-13.
In the stable distribution (sarge) the cvs package does not expose the
cvsbug program anymore.
In the unstable distribution (sid) the cvs package does not expose the
cvsbug program anymore.
We recommend that you upgrade your cvs package.
Solution : http://www.debian.org/security/2005/dsa-802
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|