CVS Cvsbug.In Script Insecure Temporary File Creation Vulnerability

info
discussion
exploit
solution
references

CVS Cvsbug.In Script Insecure Temporary File Creation Vulnerability

CVS creates temporary files in an insecure manner.

The vulnerability is due to the program creating temporary files with a predictable name in the '/tmp' directory.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.