|Category:||Web application abuses|
|Summary:||Checks for the version of ViewCVS|
The remote host seems to be running ViewCVS, an open source CGI written in
python designed to access CVS directories using a web interface.
The remote version of this software is vulnerable to many cross-site scripting
flaws though the script 'viewcvs'.
Using a specially crafted URL, an attacker can cause arbitrary code execution
for third party users, thus resulting in a loss of integrity of their system.
Solution : Update to the latest version of this software
See also: http://viewcvs.sourceforge.net/
BugTraq ID: 4818|
Common Vulnerability Exposure (CVE) ID: CVE-2002-0771
Bugtraq: 20020518 cross-site scripting bug of ViewCVS (Google Search)
|Copyright||This script is Copyright (C) 2004 David Maciejak|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.