FreeBSD : CVS path validation errors (0792e7a7-8e37-11d8-90d1-0020ed76ef5a)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Two programming errors were discovered in which path names handled by
CVS were not properly validated. In one case, the CVS client accepts
absolute path names from the server when determining which files to
update. In another case, the CVS server accepts relative path names
from the client when determining which files to transmit, including
those containing references to parent directories (`../').

These programming errors generally only have a security impact when
dealing with remote CVS repositories.

A malicious CVS server may cause a CVS client to overwrite arbitrary
files on the client's system.

A CVS client may request RCS files from a remote system other than
those in the repository specified by $CVSROOT. These RCS files need
not be part of any CVS repository themselves.

See also :

http://www.nessus.org/u?c76295b2
http://www.nessus.org/u?d7a16ad1

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 36645 (freebsd_pkg_0792e7a78e3711d890d10020ed76ef5a.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0180
CVE-2004-0405

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now