CVE-2000-0679
CVS 1.10.8 - Arbitrary File Creation via Server-Provided Pathnames
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0679. PoCs published by Tanaka Akira.
AI-analyzed exploit summary This exploit demonstrates a path traversal vulnerability in CVS clients where a malicious server can trick the client into creating files in arbitrary locations. The PoC uses a fake CVS server script to create a file in /tmp/foo by manipulating the server's responses.
Description
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.
Exploits (1)
This exploit demonstrates a path traversal vulnerability in CVS clients where a malicious server can trick the client into creating files in arbitrary locations. The PoC uses a fake CVS server script to create a file in /tmp/foo by manipulating the server's responses.