REDHAT-BUG-1480800: Command Injection
Published Aug 11, 2017
·Updated
Command injection vulnerability was found in CVS that can be triggered via malicious SSH URLs.
References:
http://www.openwall.com/lists/oss-security/2017/08/11/1
Affected Software
1 affected component
CVS CVS
Event History
Aug 11, 2017
Data Sourced
via Red Hat·10:22 PM
DescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the severity of REDHAT-BUG-1480800?
The severity of REDHAT-BUG-1480800 is considered high due to the potential for command injection through malicious SSH URLs.
2
How do I fix REDHAT-BUG-1480800?
To fix REDHAT-BUG-1480800, update the CVS package to the latest version that has addressed this vulnerability.
3
What systems are affected by REDHAT-BUG-1480800?
The affected system includes CVS software that processes SSH URLs.
4
What type of vulnerability is REDHAT-BUG-1480800?
REDHAT-BUG-1480800 is a command injection vulnerability that can be exploited through specially crafted SSH URLs.
5
How can I mitigate the risks associated with REDHAT-BUG-1480800?
To mitigate the risks of REDHAT-BUG-1480800, restrict the use of CVS and monitor for unauthorized access attempts through SSH.