CVS pserver CVSROOT Passwd File Arbitrary Code Execution
High Nessus Network Monitor Plugin ID 1181
SynopsisAn attacker may execute arbitrary commands on the remote system.
DescriptionThe remote CVS server, according to its version number, might allow an attacker to execute arbitrary commands on the remote system as cvs does not drop root privileges properly.
SolutionUpgrade to most recent version of CVS.