CVS PServer CVSROOT Passwd File Arbitrary Code Execution
High Nessus Plugin ID 11970
SynopsisThe remote version control service has a code execution vulnerability.
DescriptionAccording to its version number, the remote CVS server has an arbitrary code execution vulnerability. Any user with the ability to write the CVSROOT/passwd file could execute arbitrary code as root.
SolutionUpgrade to CVS 1.11.11 or later.