Oval Definition:oval:org.mitre.oval:def:1042
Revision Date:2007-04-25Version:19
Title:Malicious CVS Server RCS diff File Vulnerability in CVS Client
Description:The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0180
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND ix86 architecture
  • AND cvs version is less than 1.11.2-18
  • AND Configuration section
  • /usr/bin/cvs is executable
  • /usr/bin/cvs is executable
  • OR /usr/bin/cvs is executable
  • OR /usr/bin/cvs is executable
    • BACK