|Category:||Red Hat Local Security Checks|
|Title:||RedHat Update for cvs RHSA-2012:0321-01|
|Summary:||The remote host is missing an update for the 'cvs'; package(s) announced via the referenced advisory.|
The remote host is missing an update for the 'cvs'
package(s) announced via the referenced advisory.
Concurrent Version System (CVS) is a version control system that can record
the history of your files.
A heap-based buffer overflow flaw was found in the way the CVS client
handled responses from HTTP proxies. A malicious HTTP proxy could use this
flaw to cause the CVS client to crash or, possibly, execute arbitrary code
with the privileges of the user running the CVS client. (CVE-2012-0804)
All users of cvs are advised to upgrade to these updated packages, which
contain a patch to correct this issue.
cvs on Red Hat Enterprise Linux (v. 5 server)
Please Install the Updated Packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-0804|
BugTraq ID: 51943
Debian Security Information: DSA-2407 (Google Search)
RedHat Security Advisories: RHSA-2012:0321
SuSE Security Announcement: openSUSE-SU-2012:0310 (Google Search)
XForce ISS Database: cvs-proxyconnect-bo(73097)
|Copyright||Copyright (c) 2012 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.