CVSTrac invalid ticket DoS

Summary
The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to invalid tickets that may allow an attacker to cause the application to crash. An attacker, exploiting this flaw, would be able to remotely shut down the cvstrac server. ***** OVS has determined the vulnerability exists on the target ***** simply by looking at the version number(s) of CVSTrac ***** installed there.
Solution
Update to version 1.1.4 or disable this CGI suite