In-Reply-To: <20040805175709.6995.qmail@xxxxxxxxxxxxxxxxxxxxxxx> >Received: (qmail 8445 invoked from network); 5 Aug 2004 19:10:40 -0000 >Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.com) (205.206.231.26) > by mail.securityfocus.com with SMTP; 5 Aug 2004 19:10:40 -0000 >Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) > by outgoing2.securityfocus.com (Postfix) with QMQP > id 465CF1437C6; Thu, 5 Aug 2004 12:02:39 -0600 (MDT) >Mailing-List: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm >Precedence: bulk >List-Id: <bugtraq.list-id.securityfocus.com> >List-Post: <mailto:bugtraq@xxxxxxxxxxxxxxxxx> >List-Help: <mailto:bugtraq-help@xxxxxxxxxxxxxxxxx> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@xxxxxxxxxxxxxxxxx> >List-Subscribe: <mailto:bugtraq-subscribe@xxxxxxxxxxxxxxxxx> >Delivered-To: mailing list bugtraq@xxxxxxxxxxxxxxxxx >Delivered-To: moderator for bugtraq@xxxxxxxxxxxxxxxxx >Received: (qmail 25727 invoked from network); 5 Aug 2004 11:48:48 -0000 >Message-ID: <20040805175709.6995.qmail@xxxxxxxxxxxxxxxxxxxxxxx> >Date: Thu, 5 Aug 2004 10:57:09 -0700 (PDT) >From: Richard Ngo <rtngo@xxxxxxxxx> >Subject: CVStrac Remote Arbitrary Code Execution exploit >To: vulndb@xxxxxxxxxxxxxxxxx >Cc: bugtraq@xxxxxxxxxxxxxxxxx >MIME-Version: 1.0 >Content-Type: text/plain; charset=us-ascii > >Hi, Im Richard Ngo, this is the first time i report an >exploit and found a remote exploit that could allow >arbitrary code execution in CVStrac. > >sample exploit > >filediff?f=CVSROOT/rcsinfo&v1=1.1&v2=1.2;w; > >All versions vulnerable. I have not contacted >cvstrac.org since i cant find their email address. >Please give me credit for the exploit and *please dont >release the exploit code to the public* for other >websites security. Maybe just create an advisory. >Thank you. > The problem has been patched in the CVS archive and in version 1.1.4 of CVSTrac.
