CVE-2004-0405

Description

CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.

Affected packages (1)

• Debian/cvsfrom 0, < 1:1.12.5-4

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0405