|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Saturday, 15 July 2000||Author: Alexander Reelsen|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Std View]|
Mandrake Security Update - cvsweb
Cvsweb contains a hole that provides attackers who have write access to a cvs repository with shell access. Thus, attackers who have write access to a cvs repository but not shell access can obtain a shell.