← CVECheck
HomeVulnerabilities

CVE-2000-0680 — HIGH severity vulnerability (The CVS 1.10.8 server does not properly restrict users from)

The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.

CVE IDCVE-2000-0680
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2000-10-20
Last modified2026-04-16
DescriptionThe CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →