Oval Definition:oval:org.mitre.oval:def:1060
Revision Date:2007-04-25Version:19
Title:Directory Traversal Vulnerability in CVS Server
Description:CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0405
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND ix86 architecture
  • AND cvs version is less than 1.11.2-18
  • AND Configuration section
  • /usr/bin/cvs is executable
  • /usr/bin/cvs is executable
  • OR /usr/bin/cvs is executable
  • OR /usr/bin/cvs is executable
    • BACK