The remote host is affected by the vulnerability described in GLSA-200504-16 (CVS: Multiple vulnerabilities)

    Alen Zukich has discovered several serious security issues in CVS,     including at least one buffer overflow (CAN-2005-0753), memory leaks     and a NULL pointer dereferencing error. Furthermore when launching     trigger scripts CVS includes a user controlled directory.
  Impact :

    An attacker could exploit these vulnerabilities to cause a Denial of     Service or execute arbitrary code with the permissions of the CVS     pserver or the authenticated user (depending on the connection method     used).
  Workaround :

    There is no known workaround at this time.

According to its version number, the remote CVS server has unspecified vulnerabilities.  This includes a double free, and a buffer overflow.
A remote attacker could exploit these to crash the server, or possibly execute arbitrary code.

New CVS packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues.

This advisory adds security support for the stable amd64 distribution.
It covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.

Alen Zukich discovered a buffer overflow in the processing of version and author information in the CVS client. By tricking an user to connect to a malicious CVS server, an attacker could exploit this to execute arbitrary code with the privileges of the connecting user.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2005:387 advisory.

    CVS (Concurrent Version System) is a version control system.

    A buffer overflow bug was found in the way the CVS client processes version     and author information. If a user can be tricked into connecting to a     malicious CVS server, an attacker could execute arbitrary code. The Common     Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name     CAN-2005-0753 to this issue.

    Additionally, a bug was found in which CVS freed an invalid pointer.
    However, this issue does not appear to be exploitable.

    All users of cvs should upgrade to this updated package, which includes a     backported patch to correct these issues.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

A buffer overflow and memory access problem in CVS have been discovered by the CVS maintainer. The updated packages have been patched to correct the problem.

An updated cvs package that fixes security bugs is now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

CVS (Concurrent Version System) is a version control system.

A buffer overflow bug was found in the way the CVS client processes version and author information. If a user can be tricked into connecting to a malicious CVS server, an attacker could execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0753 to this issue.

Additionally, a bug was found in which CVS freed an invalid pointer.
However, this issue does not appear to be exploitable.

All users of cvs should upgrade to this updated package, which includes a backported patch to correct these issues.

Derek Price, the current maintainer of CVS, discovered a buffer overflow in the CVS server, that serves the popular Concurrent Versions System, which could lead to the execution of arbitrary code.

The remote host is missing the patch for the advisory SUSE-SA:2005:024 (cvs).


The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects.
The current maintainer of CVS reported various problems within CVS such as a buffer overflow and memory access problems which have been fixed within the available updates.
The CVE project has assigned the CAN number CVE-2005-0753.

The remote host is running a CVS server that, according to its version number, is vulnerable to an undisclosed remote buffer overflow.  An attacker exploiting this flaw is alleged to be able to execute arbitrary code on the target CVS server.

ID	Name	Product	Family	Published	Updated	Severity
18088	GLSA-200504-16 : CVS: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	4/19/2005	1/6/2021	high
18097	CVS < 1.11.20 / 1.12.12 Multiple Unspecified Vulnerabilities	Nessus	Misc.	4/20/2005	7/6/2018	critical
18804	Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : CVS (SSA:2005-111-01)	Nessus	Slackware Local Security Checks	7/13/2005	1/14/2021	high
57528	Debian DSA-773-1 : amd64 - several vulnerabilities	Nessus	Debian Local Security Checks	1/12/2012	1/4/2021	critical
20505	Ubuntu 4.10 / 5.04 : cvs vulnerability (USN-117-1)	Nessus	Ubuntu Local Security Checks	1/15/2006	1/19/2021	high
18130	RHEL 4 : cvs (RHSA-2005:387)	Nessus	Red Hat Local Security Checks	4/25/2005	11/4/2024	critical
18103	Mandrake Linux Security Advisory : cvs (MDKSA-2005:073)	Nessus	Mandriva Local Security Checks	4/21/2005	1/6/2021	high
21817	CentOS 3 / 4 : cvs (CESA-2005:387)	Nessus	CentOS Local Security Checks	7/3/2006	1/4/2021	high
18646	Debian DSA-742-1 : cvs - buffer overflow	Nessus	Debian Local Security Checks	7/8/2005	1/4/2021	high
18082	SUSE-SA:2005:024: cvs	Nessus	SuSE Local Security Checks	4/18/2005	1/14/2021	high
2838	CVS < 1.12.12 Unspecified Remote Overflow	Nessus Network Monitor	Generic	4/18/2005	3/6/2019	medium

Detections

Analytics

Plugins Search

high

critical

high

critical

high

critical

high

high

high

high

medium