Slackware 8.1 / 9.0 / 9.1 / current : cvs security update (SSA:2003-345-01)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

CVS is a client/server version control system. As a server, it is
used to host source code repositories. As a client, it is used to
access such repositories. This advisory deals with the use of CVS as a
server. A security problem which could allow an attacker to create
directories and possibly files outside of the CVS repository has been
fixed with the release of cvs-1.11.10. Any sites running a CVS server
should upgrade to the new CVS package.

See also :

http://www.nessus.org/u?7e7d94c4

Solution :

Update the affected cvs package.

Risk factor :

High

Family: Slackware Local Security Checks

Nessus Plugin ID: 18735 ()

Bugtraq ID:

CVE ID: