CVS Client RCS Diff File Corruption Vulnerability

info
discussion
exploit
solution
references

CVS Client RCS Diff File Corruption Vulnerability

A vulnerability has been discovered in the CVS client. It is reported that a problem in the revision control system (RCS) diff files may allow an attacker to create an arbitrary file on a remote system. The file will be created with the privileges of the user who is invoking the CVS client.