Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 605-1 (viewcvs)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

16 years ago

Modified

Modified

6 years ago

Share

Summary

The remote host is missing an update to viewcvs announced via advisory DSA 605-1.

Insight

Insight

Hajvan Sehic discovered several vulnerabilities in viewcvs, a utility for viewing CVS and Subversion repositories via HTTP. When exporting a repository as a tar archive the hide_cvsroot and forbidden settings were not honoured enough. When upgrading the package for woody, please make a copy of your /etc/viewcvs/viewcvs.conf file if you have manually edited this file. Upon upgrade the debconf mechanism may alter it in a way so that viewcvs doesn't understand it anymore. For the stable distribution (woody) these problems have been fixed in version 0.9.2-4woody1. For the unstable distribution (sid) these problems have been fixed in version 0.9.2+cvs.1.0.dev.2004.07.28-1.2. We recommend that you upgrade your viewcvs package.

Solution

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20605-1

Common Vulnerabilities and Exposures (CVE)