CVE-2004-0180

描述

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.

受影響套件(2)

• Debian/cvsfrom 0, < 1:1.12.5-4
• Debian/cvsfrom 0, < 1.11.1p1debian-9woody2

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0180