Test ID:	1.3.6.1.4.1.25623.1.0.51392
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2003:561
Summary:	Conectiva Security Advisory CLA-2003:561
Description:	The remote host is missing updates announced in advisory CLA-2003:561. CVS is a version control system largely used in software projects. During a code audit, Stefan Esser discovered a double free() vulnerability[2][3] in the CVS code. This vulnerability can be exploited by remote users, authenticated or anonymous, to execute arbitrary commands on the server. Please note that users with write access to CVS (the so called commiters) usually already have shell access on the server, or can easily get shell access as has already been discussed elsewhere[4]. Besides fixing the double free vulnerability, the new packages provided with this update now have the Checkin-prog and Update-prog commands disabled. UPDATE The previous CVS update (CLSA-2003:560), while indeed fixing the security vulnerability, introduced problems which prevented it from being used due to the way the Checkin-prog and Update-prog commands where disabled. This has now been fixed. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:561 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High
Cross-Ref:	BugTraq ID: 6650 Common Vulnerability Exposure (CVE) ID: CVE-2003-0015 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html http://security.e-matters.de/advisories/012003.html Bugtraq: 20030124 Test program for CVS double-free. (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=104342550612736&w=2 Bugtraq: 20030202 Exploit for CVS double free() for Linux pserver (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=104428571204468&w=2 http://www.cert.org/advisories/CA-2003-02.html Caldera Security Advisory: CSSA-2003-006 Debian Security Information: DSA-233 (Google Search) http://www.debian.org/security/2003/dsa-233 FreeBSD Security Advisory: FreeBSD-SA-03:01 http://marc.theaimsgroup.com/?l=bugtraq&m=104438807203491&w=2 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009 http://www.redhat.com/support/errata/RHSA-2003-012.html RedHat Security Advisories: RHSA-2003:013 http://rhn.redhat.com/errata/RHSA-2003-013.html SuSE Security Announcement: SuSE-SA:2003:0007 (Google Search) Bugtraq: 20030122 [security@slackware.com: [slackware-security] New CVS packages available] (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=104333092200589&w=2 Computer Incident Advisory Center Bulletin: N-032 http://www.ciac.org/ciac/bulletins/n-032.shtml CERT/CC vulnerability note: VU#650937 http://www.kb.cert.org/vuls/id/650937 http://www.securityfocus.com/bid/6650 XForce ISS Database: cvs-doublefree-memory-corruption(11108) http://xforce.iss.net/xforce/xfdb/11108
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: