Unrated severityNVD Advisory· Published Jan 5, 2004· Updated Apr 16, 2026
CVE-2003-0977
CVE-2003-0977
Description
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
Affected products
13cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- ccvs.cvshome.org/servlets/NewsItemViewnvdPatch
- www.debian.org/security/2004/dsa-422nvdPatchVendor Advisory
- patches.sgi.com/support/free/security/advisories/20040103-01-U.ascnvd
- patches.sgi.com/support/free/security/advisories/20040202-01-U.ascnvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/10601nvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2004-003.htmlnvd
- www.redhat.com/support/errata/RHSA-2004-004.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/13929nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866nvd
News mentions
0No linked articles in our index yet.