CVE-2003-0015

Name of the Vulnerable Software and Affected Versions CVS versions 1.11.4 and earlier cvs-doc (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request. This can be achieved by bypassing write checks to execute Update-prog and Checkin-prog commands. Multiple vulnerabilities in the cvs-doc package may lead to a breach of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For CVS versions 1.11.4 and earlier, update to a version later than 1.11.4 to resolve the issue. For cvs-doc, at the moment, there is no information about a newer version that contains a fix for this vulnerability.