SuSE 10 Security Update : CVS (ZYPP Patch Number 7991)

Critical Nessus Plugin ID 58142


The remote SuSE 10 host is missing a security-related patch.


A heap-based buffer overflow flaw was found in the way CVS read proxy connection HTTP responses. An attacker could exploit this to cause the application to crash or, potentially, execute arbitrary code in the context of the user running the application. (CVE-2012-0804)


Apply ZYPP patch number 7991.

See Also

Plugin Details

Severity: Critical

ID: 58142

File Name: suse_cvs-7991.nasl

Version: Revision: 1.4

Type: local

Agent: unix

Published: 2012/02/28

Updated: 2012/05/31

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2012/02/22

Reference Information

CVE: CVE-2012-0804