CVE-2000-0680

NONE EPSS 67.8%
Published Oct 20, 200025y ago · Modified Jun 16, 20262w ago
Find Similar
Published Oct 20, 2000 25y ago
Last Modified Jun 16, 2026 2w ago

Description

The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.

Threat Intelligence

EPSS Exploit Probability
67.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 1

VendorProductVersionRange
cvscvs1.10.8any

References 2

  • securityfocus.com http://www.securityfocus.com/bid/1524
    ExploitPatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org
    ExploitVendor Advisory

Remediation