CVE-2000-0680
NONE EPSS 67.8%
Published Oct 20, 200025y ago · Modified Jun 16, 20262w ago
Published Oct 20, 2000 25y ago
Last Modified Jun 16, 2026 2w ago
Description
The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.
Threat Intelligence
EPSS Exploit Probability
67.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| cvs | cvs | 1.10.8 | any |
References 2
- securityfocus.com http://www.securityfocus.com/bid/1524
- securityfocus.com http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org
Remediation
- securityfocus.com http://www.securityfocus.com/bid/1524