First published: Wed Aug 18 2004(Updated: )
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cvs Cvs | =1.11.14 | |
Cvs Cvs | =1.10.6 | |
Cvs Cvs | =1.11.1 | |
Cvs Cvs | =1.11 | |
Cvs Cvs | =1.12.2 | |
Cvs Cvs | =1.11.4 | |
Cvs Cvs | =1.12.7 | |
Cvs Cvs | =1.12.5 | |
Cvs Cvs | =1.11.16 | |
Cvs Cvs | =1.11.5 | |
Cvs Cvs | =1.10.8 | |
Cvs Cvs | =1.11.15 | |
Cvs Cvs | =1.11.11 | |
Cvs Cvs | =1.12.8 | |
Cvs Cvs | =1.11.6 | |
Cvs Cvs | =1.12.1 | |
Cvs Cvs | =1.11.3 | |
Cvs Cvs | =1.11.2 | |
Cvs Cvs | =1.11.10 | |
Cvs Cvs | =1.10.7 | |
Cvs Cvs | =1.11.1_p1 | |
Gnu Cvs | >=1.11.0<1.11.17 | |
Gnu Cvs | >=1.12.0<1.12.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.