Vulnerability Details : CVE-2003-0015
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2003-0015
- cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-0015
32.57%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2003-0015
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2003-0015
-
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.Assigned by: nvd@nist.gov (Primary)
References for CVE-2003-0015
-
http://www.kb.cert.org/vuls/id/650937
VU#650937 - Concurrent Versions System (CVS) server improperly deallocates memoryThird Party Advisory;US Government Resource
-
http://marc.info/?l=bugtraq&m=104333092200589&w=2
'[security@slackware.com: [slackware-security] New CVS packages available]' - MARC
-
http://www.debian.org/security/2003/dsa-233
Debian -- The Universal Operating System
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/11108
CVS malformed directory name "double free" memory corruption CVE-2003-0015 Vulnerability Report
-
http://marc.info/?l=bugtraq&m=104342550612736&w=2
'Test program for CVS double-free.' - MARC
-
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html
-
http://www.cert.org/advisories/CA-2003-02.html
2003 CERT AdvisoriesUS Government Resource
-
http://marc.info/?l=bugtraq&m=104438807203491&w=2
'FreeBSD Security Advisory FreeBSD-SA-03:01.cvs' - MARC
-
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009
-
http://marc.info/?l=bugtraq&m=104428571204468&w=2
'Exploit for CVS double free() for Linux pserver' - MARC
-
http://www.ciac.org/ciac/bulletins/n-032.shtml
-
http://www.redhat.com/support/errata/RHSA-2003-012.html
Support
-
http://rhn.redhat.com/errata/RHSA-2003-013.html
RHSA-2003:013 - Security Advisory - Red Hat Customer PortalPatch;Vendor Advisory
-
http://security.e-matters.de/advisories/012003.html
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/6650
Jump to