| GEN:SID | 1:2317 |
| Message | MISC CVS non-relative path error response |
| Summary | This event is generated when an attempt is made to exploit a known vulnerability in the Concurrent Versions System (CVS).
|
| Impact | Serious. Manipulation of the host file system is possible.
|
| Detailed Information | Concurrent Versions System (CVS) is used to track the history of source code files when developing software.
Some versions of CVS contain a vulnerability that may allow an attacker to create directories or files in the host filesystem external to the cvsroot. This is achieved via a malformed module request.
|
| Affected Systems | CVS versions prior to 1.11.10
|
| Attack Scenarios | An attacker may send a specially crafted request to a cvs server and create files and directories of their choosing in the hosts root filesystem. The attacker may then access these files at will to further compromise the system.
|
| Ease of Attack | Simple. No exploit software is required.
|
| Corrective Action | Apply the appropriate vendor supplied patches.
Upgrade to the latest non-affected version of the software.
|
| Additional References | CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977
|
| Rule References | bugtraq: 9178
cve: 2003-0977
|