CVS < 1.11.10 / 1.12.3 pserver Crafted Module Request Arbitrary File / Directory Creation
Medium Nessus Network Monitor Plugin ID 1180
SynopsisThe remote host allows unauthorized users to create or modify files/directories.
DescriptionThe remote CVS server, according to its version number, may allow an attacker to create directories and possibly files at the root of the filesystem holding the CVS repository.
SolutionUpgrade CVS to 1.11.10, 1.12.3 or later.