CVS Malformed Directory Request Double-free Privilege Escalation

high Nessus Plugin ID 11385

Synopsis

The remote revision control service has a privilege escalation vulnerability.

Description

According to its version number, the CVS server running on the remote host has a double free bug, which could allow a malicious user to elevate their privileges.

Solution

Upgrade to CVS version 1.11.11 or later.

See Also

https://marc.info/?l=bugtraq&m=104428571204468&w=2

Plugin Details

Severity: High

ID: 11385

File Name: cvs_double_free.nasl

Version: 1.27

Type: remote

Family: Misc.

Published: 3/14/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/29/2003

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Reference Information

CVE: CVE-2003-0015

BID: 6650

RHSA: 2003:012-07

SuSE: SUSE-SA:2003:0007