[Full-disclosure] [gentoo-announce] [ GLSA 200504-16 ] CVS: Multiple vulnerabilities

From: Sune Kloppenborg Jeppesen (jaervosz_at_gentoo.org)
Date: 04/18/05

  • Next message: Morning Wood: "[Full-disclosure] WebcamXP"
    Date: Mon, 18 Apr 2005 22:45:05 +0200
    To: the_eye@drei.at
    
    
    
    

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory GLSA 200504-16
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                http://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      Severity: High
         Title: CVS: Multiple vulnerabilities
          Date: April 18, 2005
          Bugs: #86476
            ID: 200504-16

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Synopsis
    ========

    Several serious vulnerabilities have been found in CVS, which may allow
    an attacker to remotely compromise a CVS server or cause a DoS.

    Background
    ==========

    CVS (Concurrent Versions System) is an open-source network-transparent
    version control system. It contains both a client utility and a server.

    Affected packages
    =================

        -------------------------------------------------------------------
         Package / Vulnerable / Unaffected
        -------------------------------------------------------------------
      1 dev-util/cvs < 1.11.18-r1 >= 1.11.18-r1

    Description
    ===========

    Alen Zukich has discovered several serious security issues in CVS,
    including at least one buffer overflow (CAN-2005-0753), memory leaks
    and a NULL pointer dereferencing error.

    Impact
    ======

    An attacker could exploit these vulnerabilities to cause a Denial of
    Service or execute arbitrary code with the permissions of the CVS
    pserver or the authenticated user (depending on the connection method
    used).

    Workaround
    ==========

    There is no known workaround at this time.

    Resolution
    ==========

    All CVS users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=dev-util/cvs-1.11.18-r1"

    References
    ==========

      [ 1 ] CAN-2005-0753
            http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753

    Availability
    ============

    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:

      http://security.gentoo.org/glsa/glsa-200504-16.xml

    Concerns?
    =========

    Security is a primary focus of Gentoo Linux and ensuring the
    confidentiality and security of our users machines is of utmost
    importance to us. Any security concerns should be addressed to
    security@gentoo.org or alternatively, you may file a bug at
    http://bugs.gentoo.org.

    License
    =======

    Copyright 2005 Gentoo Foundation, Inc; referenced text
    belongs to its owner(s).

    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.0

    
    

    -- 
    gentoo-announce@gentoo.org mailing list
    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

    -- 
    gentoo-announce@gentoo.org mailing list
    


  • Next message: Morning Wood: "[Full-disclosure] WebcamXP"

    Relevant Pages

    • Re: CVS woes: .cvspass
      ... > in CVS. ... I suppose You're talking about UID/GID based security. ... guarantee any security whatsoever for a CVS repository using CVSpserver ... IPsec can only be used to protect virtual circuts that might happen to ...
      (Bugtraq)
    • [ GLSA 200504-16 ] CVS: Multiple vulnerabilities
      ... Several serious vulnerabilities have been found in CVS, ... an attacker to remotely compromise a CVS server or cause a DoS. ... Alen Zukich has discovered several serious security issues in CVS, ...
      (Bugtraq)
    • Re: NFS and apache...
      ... NFS is insecure (No File Security) since there is no authentication. ... Unless you have problems with diskspace, why not just use rsync? ... When I work on a website I tend to start with the site directory in cvs ... and webserver to be able to reach the cvs server. ...
      (freebsd-questions)
    • Re: NFS and apache...
      ... I didn't want to touch the security problems with this as I assumed that the original poster knows about them. ... I'm an old C programmer and CVS and Make are tools that I'm used to so I usually add a really simple make file to the web tree... ... This is also nice since it only depends on the ability for both your development machine and webserver to be able to reach the cvs server. ...
      (freebsd-questions)
    • [Full-disclosure] [ GLSA 200504-16 ] CVS: Multiple vulnerabilities
      ... Several serious vulnerabilities have been found in CVS, ... an attacker to remotely compromise a CVS server or cause a DoS. ... Alen Zukich has discovered several serious security issues in CVS, ...
      (Full-Disclosure)