CVE-2003-0015

CVS <= 1.11.4 - Double Free via Malformed Directory Request

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0015. PoCs published by Stefan Esser.

AI-analyzed exploit summary: The provided entry describes a double free vulnerability in CVS (CVE-2003-0015) affecting Directory requests, which could lead to heap corruption and arbitrary code execution. However, the actual exploit code is not included; only a reference to a SecurityFocus BID and a link to a binary exploit archive are provided.

Description

Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Stefan Esser · text · remote · linux
https://www.exploit-db.com/exploits/22187

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: CVS (Concurrent Versions System)
No auth needed
Prerequisites: Network access to a vulnerable CVS server
devstral-2 · analyzed Feb 16, 2026

References (16)

Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-012.html
Various Sources vendor-advisory x_refsource_mandrake
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6650
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11108
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104333092200589&w=2
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2003-013.html
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/650937
Patch, Vendor Advisory x_refsource_misc
http://security.e-matters.de/advisories/012003.html
US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2003-02.html
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/n-032.shtml
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104342550612736&w=2
Mailing List vendor-advisory x_refsource_freebsd
http://marc.info/?l=bugtraq&m=104438807203491&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104428571204468&w=2
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2003/dsa-233

Scores

EPSS 0.2387
EPSS Percentile 97.5%

Details

CWE: CWE-415
Status: published
Products (13)
cvs/cvs 1.10.7
cvs/cvs 1.10.8
cvs/cvs 1.11
cvs/cvs 1.11.1
cvs/cvs 1.11.1p1
cvs/cvs 1.11.2
cvs/cvs 1.11.3
cvs/cvs 1.11.4
freebsd/freebsd 4.4
freebsd/freebsd 4.5
... and 3 more
Published Feb 07, 2003
Tracked Since Feb 18, 2026