CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cvs | Cvs | 1.10.7 | 1.10.7 |
Cvs | Cvs | 1.10.8 | 1.10.8 |
Cvs | Cvs | 1.11 | 1.11 |
Cvs | Cvs | 1.11.1 | 1.11.1 |
Cvs | Cvs | 1.11.1_p1 | 1.11.1_p1 |
Cvs | Cvs | 1.11.2 | 1.11.2 |
Cvs | Cvs | 1.11.3 | 1.11.3 |
Cvs | Cvs | 1.11.4 | 1.11.4 |
Cvs | Cvs | 1.11.5 | 1.11.5 |
Cvs | Cvs | 1.11.6 | 1.11.6 |
Red Hat Enterprise Linux 3 | RedHat | cvs-0:1.11.2-14 | * |