|
Family: Debian Local Security Checks --> Category: infos
[DSA806] DSA-806-1 gcvs Vulnerability Scan
Vulnerability Scan Summary DSA-806-1 gcvs
Detailed Explanation for this Vulnerability Test
Marcus Meissner discovered that the cvsbug program from gcvs, the
Graphical frontend for CVS, which serves the popular Concurrent
Versions System, uses temporary files in an insecure fashion.
For the old stable distribution (woody) this problem has been fixed in
version 1.0a7-2woody1.
For the stable distribution (sarge) this problem has been fixed in
version 1.0final-5sarge1.
The unstable distribution (sid) does not expose the cvsbug program.
We recommend that you upgrade your gcvs package.
Solution : http://www.debian.org/security/2005/dsa-806
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|