GLSA
Bodhisattva
Joined: 13 Jun 2003
Posts: 4087
Location: Dresden, Germany
|
 Posted: Thu Jun 10, 2004 7:56 pm Post subject: [ GLSA 200406-06 ] CVS: additional DoS and arbitrary code ex |
 |
|
Gentoo Linux Security Advisory
Title: CVS: additional DoS and arbitrary code execution vulnerabilities (GLSA 200406-06)
Severity: high
Exploitable: remote
Date: June 10, 2004
Bug(s): #53408
ID: 200406-06
Synopsis
Several serious new vulnerabilities have been found in CVS, which may allow
an attacker to remotely compromise a CVS server.
Background
CVS (Concurrent Versions System) is an open-source network-transparent
version control system. It contains both a client utility and a server.
Affected Packages
Package: dev-util/cvs
Vulnerable: <= 1.11.16-r1
Unaffected: >= 1.11.17
Architectures: All supported architectures
Description
A team audit of the CVS source code performed by Stefan Esser and Sebastian
Krahmer resulted in the discovery of several remotely exploitable
vulnerabilities including:
- no-null-termination of "Entry" lines
- error_prog_name "double-free()"
- Argument integer overflow
- serve_notify() out of bounds writes
Impact
An attacker could use these vulnerabilities to cause a Denial of Service or
execute arbitrary code with the permissions of the user running cvs.
Workaround
There is no known workaround at this time. All users are advised to upgrade
to the latest available version of CVS.
Resolution
All CVS users should upgrade to the latest stable version:
| Code: | # emerge sync
# emerge -pv ">=dev-util/cvs-1.11.17"
# emerge ">=dev-util/cvs-1.11.17" |
References
E-matters Advisory 09/2004
CAN-2004-0414
CAN-2004-0416
CAN-2004-0417
CAN-2004-0418
Last edited by GLSA on Mon Dec 08, 2014 4:16 am; edited 3 times in total |
|
News & Announcements
