Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2317 |
Message | MISC CVS non-relative path error response |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in the Concurrent Versions System (CVS). |
Impact | Serious. Manipulation of the host file system is possible. |
Detailed Information | Concurrent Versions System (CVS) is used to track the history of source code files when developing software. Some versions of CVS contain a vulnerability that may allow an attacker to create directories or files in the host filesystem external to the cvsroot. This is achieved via a malformed module request. |
Affected Systems | CVS versions prior to 1.11.10 |
Attack Scenarios | An attacker may send a specially crafted request to a cvs server and create files and directories of their choosing in the hosts root filesystem. The attacker may then access these files at will to further compromise the system. |
Ease of Attack | Simple. No exploit software is required. |
Corrective Action | Apply the appropriate vendor supplied patches. Upgrade to the latest non-affected version of the software. |
Additional References | CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977 |
Rule References | bugtraq: 9178 cve: 2003-0977 nessus: 11947 |
--
DID:573871
--
http://www.aanval.com/