Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Viewcvs | Viewcvs | 0.9.2 (including) | 0.9.2 (including) |
Viewcvs | Ubuntu | dapper | * |
Viewcvs | Ubuntu | devel | * |
Viewcvs | Ubuntu | edgy | * |
Viewcvs | Ubuntu | feisty | * |
Viewvc | Ubuntu | devel | * |