Detections
Analytics

CVS < 1.11.5 pserver Directory Request Double Free() Privilege Escalation

high Nessus Network Monitor Plugin ID 1899

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote CVS server is vulnerable to a double free() vulnerability that may allow an attacker to gain a shell on this host.

Solution

Upgrade to CVS 1.11.5 or higher.

See Also

http://marc.info/?l=bugtraq&m=104428571204468&w=2

Plugin Details

Severity: High

ID: 1899

Family: Generic

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 11385

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cvs:cvs

Exploitable With

Core Impact

Reference Information

CVE: CVE-2003-0015

BID: 6650