[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[linux-security] remote exploit in cvs
Topic
=====
remote exploit in cvs server
Problem Description
===================
The Concurrent Versions System (CVS) offers tools which allow developers
to share and maintain large software projects.
CVS releases up to 1.11.15 contain a flaw when deciding if a CVS entry line
should get a modified or unchanged flag attached. This results in a heap
overflow which can be exploited to execute arbitrary code on the CVS server.
This could allow a repository compromise.
(CAN-2004-0396)
Remark
======
How serious this vulnerability is becomes clear from the fact that the
CVS development site itself (www.cvshome.org) is currently down because
of it.
Affected Versions
=================
cvs-1.11.15 and earlier
Solution
========
upgrade to version 1.11.16 or a patched version for your distribution
SuSE-8.0
--------
rpm -Fvh cvs-1.11.1p1-329.i386.rpm
SuSE-8.1
--------
rpm -Fvh cvs-1.11.1p1-329.i586.rpm
SuSE-8.2
--------
rpm -Fvh cvs-1.11.5-112.i586.rpm
SuSE-9.0
--------
rpm -Fvh cvs-1.11.6-81.i586.rpm
SuSE-9.1
--------
rpm -Fvh cvs-1.11.14-24.3.i586.rpm
SFU 1.0 (RedHat 7.3)
--------------------
[packages available from ftp://ftp.sfu.ca/pub/linux/1.0/RPMS/]
rpm -Fvh cvs-1.11.2-21.7.i386.rpm
Mandrake 9.1
------------
rpm -Fvh cvs-1.11.14-0.2.91mdk.i586.rpm
Mandrake 9.2
------------
rpm -Fvh cvs-1.11.14-0.2.92mdk.i586.rpm
Mandrake 10.0
-------------
rpm -Fvh cvs-1.11.14-0.2.100mdk.i586.rpm
Fedora 1
--------
rpm -Fvh cvs-1.11.15-5.i386.rpm
Fedora 2
--------
rpm -Fvh cvs-1.11.15-6.i386.rpm
Debian 3.0 (woody)
------------------
upgrade to cvs_1.11.1p1debian-9woody4_i386.deb