Summary
The remote CVS server, according to its version number, can be exploited by malicious users to gain knowledge of certain system information.
This behaviour can be exploited to determine the existence and permissions of arbitrary files and directories on a vulnerable system.
Solution
Upgrade to CVS 1.11.17 and 1.12.9, or newer
Severity
Classification
-
CVE CVE-2004-0778 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
- Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
- Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
- Apache Tomcat Default Accounts
- Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)