ID CVE-2003-0977
Summary CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
References
Vulnerable Configurations
  • cpe:2.3:a:cvs:cvs:1.10.7
    cpe:2.3:a:cvs:cvs:1.10.7
  • cpe:2.3:a:cvs:cvs:1.10.8
    cpe:2.3:a:cvs:cvs:1.10.8
  • cpe:2.3:a:cvs:cvs:1.11
    cpe:2.3:a:cvs:cvs:1.11
  • cpe:2.3:a:cvs:cvs:1.11.1
    cpe:2.3:a:cvs:cvs:1.11.1
  • cpe:2.3:a:cvs:cvs:1.11.1_p1
    cpe:2.3:a:cvs:cvs:1.11.1_p1
  • cpe:2.3:a:cvs:cvs:1.11.2
    cpe:2.3:a:cvs:cvs:1.11.2
  • cpe:2.3:a:cvs:cvs:1.11.3
    cpe:2.3:a:cvs:cvs:1.11.3
  • cpe:2.3:a:cvs:cvs:1.11.4
    cpe:2.3:a:cvs:cvs:1.11.4
  • cpe:2.3:a:cvs:cvs:1.11.5
    cpe:2.3:a:cvs:cvs:1.11.5
  • cpe:2.3:a:cvs:cvs:1.11.6
    cpe:2.3:a:cvs:cvs:1.11.6
  • Slackware Linux 8.1
    cpe:2.3:o:slackware:slackware_linux:8.1
  • Slackware Linux 9.0
    cpe:2.3:o:slackware:slackware_linux:9.0
  • Slackware Linux 9.1
    cpe:2.3:o:slackware:slackware_linux:9.1
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2003-112.NASL
    description A vulnerability was discovered in the CVS server < 1.11.10 where a malformed module request could cause the CVS server to attempt to create directories and possibly files at the root of the filesystem holding the CVS repository. Updated packages are available that fix the vulnerability by providing CVS 1.11.10 on all supported distributions. Update : The previous updates had an incorrect temporary directory hard-coded in the cvs binary for 9.1 and 9.2. This update corrects the problem.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14094
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14094
    title Mandrake Linux Security Advisory : cvs (MDKSA-2003:112-1)
  • NASL family Misc.
    NASL id CVS_DIR_CREATE.NASL
    description According to its version number, the CVS server running on the remote remote host may allow an attacker to create directories (and possibly files) at the root of the filesystem where the CVS repository is located.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 11947
    published 2003-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11947
    title CVS pserver Crafted Module Request Arbitrary File / Directory Creation
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-004.NASL
    description Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available. CVS is a version control system frequently used to manage source code repositories. A flaw was found in versions of CVS prior to 1.11.10 where a malformed module request could cause the CVS server to attempt to create files or directories at the root level of the file system. However, normal file system permissions would prevent the creation of these misplaced directories. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0977 to this issue. Users of CVS are advised to upgrade to these erratum packages, which contain a patch correcting this issue. For Red Hat Enterprise Linux 2.1, these updates also fix an off-by-one overflow in the CVS PreservePermissions code. The PreservePermissions feature is not used by default (and can only be used for local CVS). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0844 to this issue.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 12446
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12446
    title RHEL 2.1 / 3 : cvs (RHSA-2004:004)
oval via4
  • accepted 2013-04-29T04:14:35.172-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
    family unix
    id oval:org.mitre.oval:def:11528
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
    version 24
  • accepted 2007-04-25T19:53:01.591-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
    family unix
    id oval:org.mitre.oval:def:855
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat CVS Server root Directory Access Vulnerability
    version 33
  • accepted 2007-04-25T19:53:04.168-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
    family unix
    id oval:org.mitre.oval:def:866
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Enterprise 3 CVS Server root Directory Access Vulnerability
    version 34
redhat via4
advisories
  • rhsa
    id RHSA-2004:003
  • rhsa
    id RHSA-2004:004
refmap via4
bugtraq
  • 20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)
  • 20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability
conectiva CLA-2004:808
confirm http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1
debian DSA-422
mandrake MDKSA-2003:112
secunia 10601
sgi
  • 20040103-01-U
  • 20040202-01-U
xf cvs-module-file-manipulation(13929)
Last major update 17-10-2016 - 22:38
Published 05-01-2004 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top