nessusThis script is Copyright (C) 2003-2018 Tenable Network Security, Inc.CVS_DIR_CREATE.NASL
HistoryDec 11, 2003 - 12:00 a.m.

CVS pserver Crafted Module Request Arbitrary File / Directory Creation

2003-12-11 00:00:00
This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
www.tenable.com
17

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.3%

According to its version number, the CVS server running on the remote host may allow an attacker to create directories (and possibly files) at the root of the filesystem where the CVS repository is located.

#  
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


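# Metadata registration. When `description` is set, the calls below record the
# plugin's identity, advisory references and scoring, and the script then
# exits via exit(0) before the detection code further down is reached.
if(description)
{
 # Plugin identity and cross-references to the advisories it covers.
 script_id(11947);
 script_version ("1.19");
 script_cve_id("CVE-2003-0977");
 script_bugtraq_id(9178);
 script_xref(name:"MDKSA", value:"MDKSA-2003:112-1");

 script_name(english:"CVS pserver Crafted Module Request Arbitrary File / Directory Creation");
 # NOTE(review): the summary mentions logging in, but the detection code in
 # this file only reads a version string from the KB; the login presumably
 # happens in a dependency listed below - confirm.
 script_summary(english:"Logs into the remote CVS server and asks the version");

 script_set_attribute(attribute:"synopsis", value:
"The revision control service running on the remote host has an
arbitrary file creation vulnerability." );
 # The finding is inferred from the reported version only ("According to its
 # version number"), so it is worded as "may allow" rather than as confirmed.
 script_set_attribute( attribute:"description", value:
"According to its version number, the CVS server running on the
remote host may allow an attacker to create directories (and possibly
files) at the root of the filesystem where the CVS repository is located." );
 script_set_attribute(
   attribute:"see_also",
   value:"https://seclists.org/bugtraq/2003/Dec/183"
 );
 script_set_attribute(
   attribute:"solution",
   value:"Upgrade to CVS 1.11.10 or later."
 );
 # Base vector as set by the plugin: network-reachable, low complexity, no
 # authentication, integrity impact only (C:N/I:P/A:N).
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
 # Temporal vector: exploitability unproven (E:U), official fix available
 # (RL:OF), report confirmed (RC:C). Consistent with the two exploit
 # attributes that follow.
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_publication_date", value: "2003/12/11");
 script_set_attribute(attribute:"vuln_publication_date", value: "2003/12/09");
 script_cvs_date("Date: 2018/11/15 20:50:23");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 # Registered in the information-gathering category.
 script_category(ACT_GATHER_INFO);
 script_family(english:"Misc.");

 script_copyright(english:"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.");

 # Runs only where a CVS pserver was identified or port 2401 is in scope.
 # The dependencies presumably populate the "Services/cvspserver" and
 # "cvs/<port>/version" KB entries that the detection code reads - confirm.
 script_require_ports("Services/cvspserver", 2401);
 script_dependencies("find_service1.nasl", "cvs_pserver_heap_overflow.nasl");

 exit(0);
}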

include('global_settings.inc');

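# Detection: a version comparison against data already stored in the KB.
# This script itself sends nothing to the service.

# Use the port recorded for the CVS pserver service, falling back to 2401
# (the port also named in script_require_ports).
port = get_kb_item("Services/cvspserver");
if(!port)port = 2401;

# Version string stored under "cvs/<port>/version". Without it there is
# nothing to compare, so the script exits silently.
version =  get_kb_item(string("cvs/", port, "/version"));
if ( ! version ) exit(0);

# Flag 1.0.x-1.9.x, 1.10.x and 1.11.0-1.11.9, i.e. releases older than the
# 1.11.10 named in the solution. The last alternative accepts either a
# non-digit or the end of the string after the patch level. The original
# pattern required a trailing character, so a version string ending exactly
# in e.g. "1.11.9" was not reported.
#
# NOTE(review): this is a version-only check. A vendor package that backports
# the fix without changing the reported version would still be flagged, so
# confirm against the vendor advisory before treating a hit as verified.
if(ereg(pattern:".* 1\.([0-9]\.|10\.|11\.[0-9]([^0-9]|$)).*", string:version))
     	security_warning(port);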
