Pen testing a CVS server

From: Bugsy (bugsy9999@yahoo.com)
Date: Sun May 18 2003 - 10:17:09 EDT


Hi,

I'm pentesting a server which is running CVS pserver. I
have gone through the CVS documentation and read other
posts on the securityfocus mailing lists. I am listing
below what I have done so far, and would like to know
if there is anything else that can be done with this.

First, trying to login to the pserver with the
command:

cvs -d :pserver:root@host.domain.com:/wrong/cvs/root login

yields the information of whether the repository is
correct or not. Enumerating this, I have found the
correct repository.

Enumerating usernames:

cvs -d :pserver:luser@host.domain.com:/wrong/cvs/root login

tells me whether luser exists on the server or not. I
get "luser: no such user" if it's a non-existent
username.

Checking passwords:

cvs -d :pserver:root@host.domain.com:/wrong/cvs/root login

tells me if I got the root password right or not.

Is there anything else that can be done? More
specifically, is there some way to find out the
version of the CVS server without being able to
login?

Also, now that CVS server is that popular, shouldn't
they build in basic security measures such as giving
the same failure message whether the username,
password or repository is wrong?

-Bugsy
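The last question in the post (why not return the same failure message regardless of which part of the login is wrong) is the defender's side of the three probes it lists. The following is an added example, not code from the original post or from CVS itself: it models a pserver-style login in two variants, one that answers each failure cause with its own message (the behaviour the post observes) and one that answers every failure with a single reply and does the same password-hash work on every path. The repository table, user list, salted-SHA-256 hashes and the "no such repository" / "no such user" strings are constructed for illustration; real CVS keeps crypt(3) hashes in CVSROOT/passwd and words its errors differently. "I LOVE YOU" and "I HATE YOU" are the pserver protocol's own success and failure replies.

```python
"""Differential vs uniform login failures for a pserver-style login.

Added example, not code from the original post or from CVS itself.
Data and most message strings are constructed for illustration.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets


def _hash(password: str, salt: str) -> str:
    """Toy salted hash; stands in for the crypt(3) hashes CVS actually stores."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


# Constructed data: repositories the server exports and their users.
REPOSITORIES = {
    "/cvs/root": {
        "root": ("s4lt", _hash("hunter2", "s4lt")),
        "alice": ("n4cl", _hash("correct horse", "n4cl")),
    },
}

# Dummy credential so an unknown user or repository still costs one hash
# comparison, keeping the failure path's timing close to the known-user path.
_DUMMY_SALT = "dummy"
_DUMMY_HASH = _hash(secrets.token_hex(16), _DUMMY_SALT)


def login_leaky(repo: str, user: str, password: str) -> tuple[bool, str]:
    """The pattern the post describes: each failure cause gets its own reply."""
    users = REPOSITORIES.get(repo)
    if users is None:
        return False, f"{repo}: no such repository"   # reveals valid repositories
    entry = users.get(user)
    if entry is None:
        return False, f"{user}: no such user"         # reveals valid usernames
    salt, expected = entry
    if _hash(password, salt) != expected:
        return False, "wrong password"                # confirms user and repo
    return True, "I LOVE YOU"


def login_uniform(repo: str, user: str, password: str) -> tuple[bool, str]:
    """Hardened variant: one failure reply, same work on every path."""
    users = REPOSITORIES.get(repo, {})
    salt, expected = users.get(user, (_DUMMY_SALT, _DUMMY_HASH))
    # compare_digest runs in time independent of where the hashes differ.
    ok = hmac.compare_digest(_hash(password, salt), expected)
    # Decide only after the comparison so unknown user/repo cannot short-circuit.
    if not (ok and user in users):
        return False, "I HATE YOU"
    return True, "I LOVE YOU"


# The three probes from the post: wrong repository, unknown user, wrong password.
PROBES = [
    ("/wrong/cvs/root", "root", "guess"),
    ("/cvs/root", "luser", "guess"),
    ("/cvs/root", "root", "guess"),
]


def distinct_failure_messages(login) -> set[str]:
    """Set of different failure replies a login function exposes across PROBES.

    More than one element means the server acts as an oracle for which part
    of the login was wrong.
    """
    replies = set()
    for repo, user, password in PROBES:
        ok, msg = login(repo, user, password)
        if not ok:
            replies.add(msg)
    return replies


if __name__ == "__main__":
    print("leaky  :", distinct_failure_messages(login_leaky))
    print("uniform:", distinct_failure_messages(login_uniform))
```

Run as a script, the leaky variant shows three different replies for the three probes while the uniform variant shows one. The dummy credential and hmac.compare_digest matter as much as the message text: collapsing the strings but returning early for an unknown user would leave a timing difference that distinguishes the same cases.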





This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:33 EDT