CVE-2003-0015

EPSS 23.9%

Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.

Produtos afetados

n/a · n/a

PoCs públicas encontradas — 1

exploitdbwww.exploit-db.com/exploits/22187não verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14 http://marc.info/?l=bugtraq&m=104333092200589&w=2 http://marc.info/?l=bugtraq&m=104342550612736&w=2 http://marc.info/?l=bugtraq&m=104428571204468&w=2 http://marc.info/?l=bugtraq&m=104438807203491&w=2 http://rhn.redhat.com/errata/RHSA-2003-013.html http://security.e-matters.de/advisories/012003.html https://exchange.xforce.ibmcloud.com/vulnerabilities/11108 http://www.cert.org/advisories/CA-2003-02.html http://www.ciac.org/ciac/bulletins/n-032.shtml http://www.debian.org/security/2003/dsa-233