FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

viewcvs -- information leakage

Affected packages
viewcvs < 0.9.2_2

Details

VuXML ID 323784cf-48a6-11d9-a9e7-0001020eed82
Discovery 2004-11-25
Entry 2004-12-08
Modified 2004-12-12

The hide_cvsroot and forbidden configuration options are not properly honored by viewcvs when exporting to a tar file which can lead to information leakage.

References

Bugtraq ID 11819
CVE Name CVE-2004-0915

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.