Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0679

5 documents4 sources
Severity
2.1LOW
EPSS
0.9%
top 23.75%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
CVS CVS
Timeline
PublishedOct 20
Latest updateApr 30

Description

The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDcvs/cvs1.10.8

🔴Vulnerability Details

2
GHSA
GHSA-xvg2-gfxv-qc4c: The CVS 12022-04-30
CVEList
CVE-2000-0679: The CVS 12001-01-22

💥Exploits & PoCs

2
Exploit-DB
CVS Kit CVS Server 1.10.8 - Instructed File Create2000-07-28
Exploit-DB
Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Remote Buffer Overflow (1)1999-11-07