[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS/Checkin.prog security hole status?

From: Derek R. Price
Subject: Re: CVS/Checkin.prog security hole status?
Date: Tue, 07 Nov 2000 11:39:22 -0500

Dan Kegel wrote:

> Have the security issues identified in
> been resolved yet?
> They were: "CVS/Checkin.prog and CVS/Update.prog can be
> replaced with an arbitrary binary, which will be blindly
> executed on the server"
> and "the client trusts paths sent from the server too much,
> so a malicious server can overwrite arbitrary files on client".
> I just checked the latest dev sources via anonymous CVS,
> and the quick and dirty fix suggested by that post for the first issue
> hasn't been applied.  Has a more subtle fix been applied, or
> is this still outstanding?

I can't find anything in the ChangeLog, but following the thread, it
seems that the people who might have worked on a fix decided that the
urgency was low as it didn't affect users with read-only access but was
only possible if the attacker already had write access to the repository.

Derek Price                      CVS Solutions Architect ( )
mailto:address@hidden     OpenAvenue ( )
"I wish you and yours every joy in life, old chap, and tons of money, and

may you never die till I shoot you."

 -James Joyce, "Dubliners"

reply via email to

[Prev in Thread] Current Thread [Next in Thread]