• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

CVS Server Piped Checkout Access Validation Vulnerability

CVS server has been reported prone to an access validation vulnerability. It is reported that the CVS server does not sufficiently validate piped checkouts. The CVS server may honor a request for a piped checkout for a path that resides outside of the cvsroot.

Data that is harvested in this manner may be used to aid in further attacks that are launched against the target server.