CVS pserver Directory command double free() exploit v1.28 Vulnerability exploited: CAN-2003-0015 - BID-6650 Category: Exploits/Remote Exploits a double free() vulnerability in CVS password authentication mode. By sending a malformed 'Directory' request it is possible to create a condition where free() is called on memory that is still in use. This can result in an exploitable condition when free() is called on the memory chunk a second time. Supported Systems: RedHat Linux 8 (i386) RedHat Linux 7.2 (i386) RedHat Linux 7.1 (i386) Debian Linux 3 (i386) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.