CVE-2003-0977
NONE EPSS 81.1%
Published Jan 5, 200422y ago · Modified Jun 16, 20262w ago
Published Jan 5, 2004 22y ago
Last Modified Jun 16, 2026 2w ago
Description
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
Threat Intelligence
EPSS Exploit Probability
81.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 13
References 15
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
- ccvs.cvshome.org http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808
- marc.info http://marc.info/?l=bugtraq&m=107168035515554&w=2
- marc.info http://marc.info/?l=bugtraq&m=107540163908129&w=2
- secunia.com http://secunia.com/advisories/10601
- debian.org http://www.debian.org/security/2004/dsa-422
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2003:112
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-003.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-004.html
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/13929
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866
Remediation
- ccvs.cvshome.org http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1
- debian.org http://www.debian.org/security/2004/dsa-422