THE CERT COORDINATION Center (CERT/CC) security organization has warned of a critical vulnerability in the widely used Concurrent Versions System (CVS) software that could enable an unauthenticated remote attacker with read-only access to execute arbitrary code, alter program operation, read sensitive information, or cause a denial of service to servers. . . .
THE CERT COORDINATION Center (CERT/CC) security organization has warned of a critical vulnerability in the widely used Concurrent Versions System (CVS) software that could enable an unauthenticated remote attacker with read-only access to execute arbitrary code, alter program operation, read sensitive information, or cause a denial of service to servers.

CVS is used by teams of software developers to coordinate their code writing and to maintain a single standard view of the development process to all team members. It runs on several proprietary variants of Unix and on the open-source Linux OS.

It is a key tool for the open-source development community, and has been used in large-scale developments such as the Mozilla browser, the Python programming language, some versions of Linux such as ARM Linux, the freeDOS operating system, and a Palm OS emulator.

The link for this article located at IDG.net is no longer available.