RHEL 2.1 : cvs (RHSA-2003:013)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing a security update.

Description :

Updated CVS packages are now available for Red Hat Linux Advanced
Server. These updates fix a vulnerability which would permit arbitrary
command execution on servers configured to allow anonymous read-only
access.

[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation

CVS is a version control system frequently used to manage source code
repositories. During an audit of the CVS sources, Stefan Esser
discovered an exploitable double-free bug in the CVS server.

On servers which are configured to allow anonymous read-only access,
this bug could be used by anonymous users to gain write privileges.
Users with CVS write privileges can then use the Update-prog and
Checkin-prog features to execute arbitrary commands on the server.
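The paragraph above describes the class of bug without showing its shape. The following is an added illustration, not CVS source code: a request handler in which the callee frees a buffer on its error path while the caller, still holding the same pointer, frees it again, placed beside a hardened version with a single owner. The directory-validation rule, the function names and the tracking allocator are all constructed for this example. The tracking allocator exists only so that the double free is reported as a counter instead of corrupting the real heap (which in a setuid or network daemon is the condition an attacker turns into code execution).

```c
/* Illustrative double-free pattern and a hardened variant (added example,
 * not CVS code). A small tracking allocator makes the double free observable
 * instead of undefined behaviour, so both versions can be exercised. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_TRACKED 64

/* Constructed bookkeeping: which heap blocks are currently live. */
static void *live[MAX_TRACKED];
static int double_free_count = 0;

static void *tracked_malloc(size_t n) {
    void *p = malloc(n);
    if (!p) return NULL;
    for (int i = 0; i < MAX_TRACKED; i++) {
        if (!live[i]) { live[i] = p; return p; }
    }
    free(p);
    return NULL;
}

/* Returns 1 for a legitimate free, 0 when the block is not live
 * (a double free; with the real allocator this corrupts heap metadata). */
static int tracked_free(void *p) {
    if (!p) return 1;                 /* free(NULL) is a no-op, as in libc */
    for (int i = 0; i < MAX_TRACKED; i++) {
        if (live[i] == p) { live[i] = NULL; free(p); return 1; }
    }
    double_free_count++;
    return 0;
}

/* Vulnerable shape: the callee frees on its error path ... */
static int parse_dir_vulnerable(char *dir) {
    /* hypothetical validation rule, constructed for the example */
    if (strchr(dir, '\n') || strstr(dir, "..")) {
        tracked_free(dir);
        return -1;
    }
    return 0;
}

/* ... and the caller, which still holds the pointer, frees it again. */
static int handle_request_vulnerable(const char *arg) {
    char *dir = tracked_malloc(strlen(arg) + 1);
    if (!dir) return -1;
    strcpy(dir, arg);
    int rc = parse_dir_vulnerable(dir);
    tracked_free(dir);                /* second free when rc == -1 */
    return rc;
}

/* Hardened shape: exactly one owner. The callee only inspects the buffer;
 * the caller frees once and clears the pointer so any later free is a no-op. */
static int parse_dir_fixed(const char *dir) {
    if (strchr(dir, '\n') || strstr(dir, ".."))
        return -1;
    return 0;
}

static void free_and_clear(char **p) {
    tracked_free(*p);
    *p = NULL;
}

static int handle_request_fixed(const char *arg) {
    char *dir = tracked_malloc(strlen(arg) + 1);
    if (!dir) return -1;
    strcpy(dir, arg);
    int rc = parse_dir_fixed(dir);
    free_and_clear(&dir);
    free_and_clear(&dir);             /* harmless: pointer is already NULL */
    return rc;
}

/* Runs one request through either version and returns the number of
 * double frees the tracking allocator observed. */
int double_frees_after(const char *arg, int use_fixed) {
    double_free_count = 0;
    if (use_fixed) handle_request_fixed(arg);
    else handle_request_vulnerable(arg);
    return double_free_count;
}

int main(void) {
    printf("vulnerable, valid dir:   %d double free(s)\n", double_frees_after("src/module", 0));
    printf("vulnerable, invalid dir: %d double free(s)\n", double_frees_after("../etc", 0));
    printf("fixed, invalid dir:      %d double free(s)\n", double_frees_after("../etc", 1));
    return 0;
}
```

The point to take from the two versions is that the benign request path never triggers the bug; only the error path does, which is why input an anonymous client is allowed to send is enough to reach it. The fix is not the extra `free_and_clear` call but the ownership rule it enforces: one function allocates and frees, and callees that do not own a buffer do not release it.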

All users of CVS are advised to upgrade to these packages which
contain patches to correct the double-free bug.

Our thanks go to Stefan Esser of e-matters for reporting this issue to

Solution :

Update the affected cvs package.

Risk factor :

High / CVSS Base Score : 7.5
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 12351

Bugtraq ID:

CVE ID: CVE-2003-0015