apache subversion 1.8.2 vulnerabilities and exploits

(subscribe to this query)

svnwcsub.py in Subversion 1.8.0 prior to 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py iss...

Apache Subversion 1.8.0 Apache Subversion 1.8.1 Apache Subversion 1.8.2

The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 up to and including 1.7.13 and 1.8.1 up to and including 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote malicious users to cause a...

Apache Subversion 1.8.2 Apache Subversion 1.7.11 Apache Subversion 1.8.1 Apache Subversion 1.7.12 Apache Mod Dav Svn -Apache Subversion 1.7.13 Apache Subversion 1.8.4 Apache Subversion 1.8.3

The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.

Apache Subversion 1.8.0 Apache Subversion 1.8.8 Apache Subversion 1.8.9 Apache Subversion 1.8.3 Apache Subversion 1.8.4 Apache Subversion 1.8.5 Apache Subversion 1.8.1 Apache Subversion 1.8.2 Apache Subversion 1.8.10 Apache Subversion 1.8.11 Apache Subversion 1.8.6 Apache Subversion 1.8.7 Opensuse Opensuse 13.1 Opensuse Opensuse 13.2

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x prior to 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.

Apache Subversion 1.8.0 Apache Subversion 1.8.1

The daemonize.py module in Subversion 1.8.0 prior to 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on differ...

Apache Subversion 1.8.0 Apache Subversion 1.8.1

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook