The daemonize.py module in Subversion 1.8.0 prior to 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on different affected versions (ADT3).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache subversion 1.8.0 |
||
apache subversion 1.8.1 |