CVE-2003-0977

NONE EPSS 81.1%
Published Jan 5, 2004 (22y ago) · Modified Jun 16, 2026 (2w ago)

Description

CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.

Threat Intelligence

EPSS Exploit Probability: 81.1% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 13

Vendor     Product          Version    Range
cvs        cvs              1.10.7     any
cvs        cvs              1.10.8     any
cvs        cvs              1.11       any
cvs        cvs              1.11.1     any
cvs        cvs              1.11.1_p1  any
cvs        cvs              1.11.2     any
cvs        cvs              1.11.3     any
cvs        cvs              1.11.4     any
cvs        cvs              1.11.5     any
cvs        cvs              1.11.6     any
slackware  slackware_linux  8.1        any
slackware  slackware_linux  9.0        any
slackware  slackware_linux  9.1        any

References 15

  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
  • ccvs.cvshome.org http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1
    Patch
  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000808
  • marc.info http://marc.info/?l=bugtraq&m=107168035515554&w=2
  • marc.info http://marc.info/?l=bugtraq&m=107540163908129&w=2
  • secunia.com http://secunia.com/advisories/10601
  • debian.org http://www.debian.org/security/2004/dsa-422
    Patch, Vendor Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2003:112
  • redhat.com http://www.redhat.com/support/errata/RHSA-2004-003.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2004-004.html
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/13929
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866

Remediation

  • ccvs.cvshome.org http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1
    Patch
  • debian.org http://www.debian.org/security/2004/dsa-422
    Patch, Vendor Advisory