5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.011 Low
EPSS
Percentile
84.5%
Two programming errors were discovered in which path names
handled by CVS were not properly validated. In one case,
the CVS client accepts absolute path names from the server
when determining which files to update. In another case,
the CVS server accepts relative path names from the client
when determining which files to transmit, including those
containing references to parent directories (`…/').
These programming errors generally only have a security
impact when dealing with remote CVS repositories.
A malicious CVS server may cause a CVS client to overwrite
arbitrary files on the client’s system.
A CVS client may request RCS files from a remote system
other than those in the repository specified by $CVSROOT.
These RCS files need not be part of any CVS repository
themselves.