Test ID:	1.3.6.1.4.1.25623.1.0.53293
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-605-1)
Summary:	The remote host is missing an update for the Debian 'viewcvs' package(s) announced via the DSA-605-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'viewcvs' package(s) announced via the DSA-605-1 advisory. Vulnerability Insight: Haris Sehic discovered several vulnerabilities in viewcvs, a utility for viewing CVS and Subversion repositories via HTTP. When exporting a repository as a tar archive the hide_cvsroot and forbidden settings were not honoured enough. When upgrading the package for woody, please make a copy of your /etc/viewcvs/viewcvs.conf file if you have manually edited this file. Upon upgrade the debconf mechanism may alter it in a way so that viewcvs doesn't understand it anymore. For the stable distribution (woody) these problems have been fixed in version 0.9.2-4woody1. For the unstable distribution (sid) these problems have been fixed in version 0.9.2+cvs.1.0.dev.2004.07.28-1.2. We recommend that you upgrade your viewcvs package. Affected Software/OS: 'viewcvs' package(s) on Debian 3.0. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0915 Debian Security Information: DSA-605 (Google Search) http://www.debian.org/security/2004/dsa-605 XForce ISS Database: viewcvs-repository-weak-security(18369) https://exchange.xforce.ibmcloud.com/vulnerabilities/18369
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.