Remote Arbitrary File Creation Vulnerability in CVS Client

Remote Arbitrary File Creation Vulnerability in CVS Client

CVE-2004-0180 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.

Learn more about our Cis Benchmark Audit For Server Software.