CVE-2005-2693: Medium severity cvs cvs vulnerability
Published Aug 25, 2005
·Updated
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
Affected Software
1 affected component
CVS CVS=1.12.12
Remediation
Patch Available
Event History
Aug 25, 2005
CVE Published
via MITRE·08:00 AM
Data Sourced
via MITRE·08:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2005-2693?
CVE-2005-2693 is classified as a high severity vulnerability due to its potential for local users to execute arbitrary code.
2
How do I fix CVE-2005-2693?
To mitigate CVE-2005-2693, upgrade to a fixed version of CVS that is newer than 1.12.12.
3
What type of attack does CVE-2005-2693 exploit?
CVE-2005-2693 exploits a symlink attack that allows local users to overwrite arbitrary files.
4
Which versions of CVS are affected by CVE-2005-2693?
CVS versions 1.12.12 and earlier are affected by CVE-2005-2693.
5
Can CVE-2005-2693 be exploited remotely?
No, CVE-2005-2693 can only be exploited locally by users with access to the system.