[thelist] News Item: Major Security Flaw in CVS

shawn allen shawn at alterior.net
Fri Jan 24 11:07:00 CST 2003

quoth Boris Mann:
> But of course, everyone knew that telnet is *inherently insecure*, so
> never used it for anything mission critical.

Well yeah, but you could say the same about the pserver authentication
mode in CVS, which is where the vulnerability was found (you *do* use
CVS over ssh, right? ;)). Jason has a good point, though.

shawn allen

More information about the thelist mailing list