Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

CVS pserver CVSROOT Passwd File Arbitrary Code Execution

High

Synopsis

An attacker may execute arbitrary commands on the remote system.

Description

The remote CVS server, according to its version number, might allow an attacker to execute arbitrary commands on the remote system as cvs does not drop root privileges properly.

Solution

Upgrade to most recent version of CVS.