Vulnerabilities > CVE-2000-0679 - Unspecified vulnerability in CVS 1.10.8

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
cvs
exploit available
NVD
Published: 2000-10-20
Updated: 2008-09-05

Summary

The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.

Vulnerable Configurations

Part Description Count
Application
Cvs
1

Exploit-Db

descriptionCVS Kit CVS Server 1.10 .8 Instructed File Create Vulnerability. CVE-2000-0679. Local exploit for unix platform
idEDB-ID:20107
last seen2016-02-02
modified2000-07-28
published2000-07-28
reporterTanaka Akira
sourcehttps://www.exploit-db.com/download/20107/
titleCVS Kit CVS Server 1.10.8 - Instructed File Create Vulnerability

References