Test ID:	1.3.6.1.4.1.25623.1.0.51392
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2003:561
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2003:561. CVS is a version control system largely used in software projects. During a code audit, Stefan Esser discovered a double free() vulnerability[2][3] in the CVS code. This vulnerability can be exploited by remote users, authenticated or anonymous, to execute arbitrary commands on the server. Please note that users with write access to CVS (the so called commiters) usually already have shell access on the server, or can easily get shell access as has already been discussed elsewhere[4]. Besides fixing the double free vulnerability, the new packages provided with this update now have the Checkin-prog and Update-prog commands disabled. UPDATE The previous CVS update (CLSA-2003:560), while indeed fixing the security vulnerability, introduced problems which prevented it from being used due to the way the Checkin-prog and Update-prog commands where disabled. This has now been fixed. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:561 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 6650 Common Vulnerability Exposure (CVE) ID: CVE-2003-0015 http://www.securityfocus.com/bid/6650 Bugtraq: 20030122 [security@slackware.com: [slackware-security] New CVS packages available] (Google Search) http://marc.info/?l=bugtraq&m=104333092200589&w=2 Bugtraq: 20030124 Test program for CVS double-free. (Google Search) http://marc.info/?l=bugtraq&m=104342550612736&w=2 Bugtraq: 20030202 Exploit for CVS double free() for Linux pserver (Google Search) http://marc.info/?l=bugtraq&m=104428571204468&w=2 Caldera Security Advisory: CSSA-2003-006 http://www.cert.org/advisories/CA-2003-02.html CERT/CC vulnerability note: VU#650937 http://www.kb.cert.org/vuls/id/650937 Computer Incident Advisory Center Bulletin: N-032 http://www.ciac.org/ciac/bulletins/n-032.shtml Debian Security Information: DSA-233 (Google Search) http://www.debian.org/security/2003/dsa-233 FreeBSD Security Advisory: FreeBSD-SA-03:01 http://marc.info/?l=bugtraq&m=104438807203491&w=2 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009 http://security.e-matters.de/advisories/012003.html http://www.redhat.com/support/errata/RHSA-2003-012.html RedHat Security Advisories: RHSA-2003:013 http://rhn.redhat.com/errata/RHSA-2003-013.html SuSE Security Announcement: SuSE-SA:2003:0007 (Google Search) http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html XForce ISS Database: cvs-doublefree-memory-corruption(11108) https://exchange.xforce.ibmcloud.com/vulnerabilities/11108
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.