English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75803 CVE descriptions
and 40037 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51392
Category:Conectiva Local Security Checks
Title:Conectiva Security Advisory CLA-2003:561
Summary:Conectiva Security Advisory CLA-2003:561
Description:
The remote host is missing updates announced in
advisory CLA-2003:561.

CVS is a version control system largely used in software projects.

During a code audit, Stefan Esser discovered a double free()
vulnerability[2][3] in the CVS code. This vulnerability can be
exploited by remote users, authenticated or anonymous, to execute
arbitrary commands on the server.

Please note that users with write access to CVS (the so called
commiters) usually already have shell access on the server, or can
easily get shell access as has already been discussed elsewhere[4].

Besides fixing the double free vulnerability, the new packages
provided with this update now have the Checkin-prog and Update-prog
commands disabled.


UPDATE
The previous CVS update (CLSA-2003:560), while indeed fixing the
security vulnerability, introduced problems which prevented it from
being used due to the way the Checkin-prog and Update-prog commands
where disabled. This has now been fixed.


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:561
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor : High
Cross-Ref: BugTraq ID: 6650
Common Vulnerability Exposure (CVE) ID: CVE-2003-0015
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html
http://security.e-matters.de/advisories/012003.html
Bugtraq: 20030124 Test program for CVS double-free. (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=104342550612736&w=2
Bugtraq: 20030202 Exploit for CVS double free() for Linux pserver (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=104428571204468&w=2
http://www.cert.org/advisories/CA-2003-02.html
Caldera Security Advisory: CSSA-2003-006
Debian Security Information: DSA-233 (Google Search)
http://www.debian.org/security/2003/dsa-233
FreeBSD Security Advisory: FreeBSD-SA-03:01
http://marc.theaimsgroup.com/?l=bugtraq&m=104438807203491&w=2
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009
http://www.redhat.com/support/errata/RHSA-2003-012.html
RedHat Security Advisories: RHSA-2003:013
http://rhn.redhat.com/errata/RHSA-2003-013.html
SuSE Security Announcement: SuSE-SA:2003:0007 (Google Search)
Bugtraq: 20030122 [security@slackware.com: [slackware-security] New CVS packages available] (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=104333092200589&w=2
Computer Incident Advisory Center Bulletin: N-032
http://www.ciac.org/ciac/bulletins/n-032.shtml
CERT/CC vulnerability note: VU#650937
http://www.kb.cert.org/vuls/id/650937
http://www.securityfocus.com/bid/6650
XForce ISS Database: cvs-doublefree-memory-corruption(11108)
http://xforce.iss.net/xforce/xfdb/11108
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.