CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2167
https://notcve.org/view.php?id=CVE-2016-2167
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. La función canonicalize_username en svnserve/cyrus_auth.c en Apache Subversion en versiones anteriores a 1.8.16 y 1.9.x en versiones anteriores a 1.9.4, cuando se utiliza autenticación Cyrus SASL, permite a atacantes remotos autenticarse y eludir restricciones destinadas al acceso a través de una cadena realm que se prefija a un repositorio de cadena realm esperado. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00044.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgJet+7_MAhomFVOXPgLtewcUw9w=k9zdPCkq5tvPxVMA%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ%40mail.gmail.com%3E http://subversion.apa • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 8%CPEs: 5EXPL: 0CVE-2016-2168
https://notcve.org/view.php?id=CVE-2016-2168
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. La función req_check_access en el módulo mod_authz_svn en el servidor httpd en Apache Subversion en versiones anteriores a 1.8.16 y 1.9.x en versiones anteriores a 1.9.4 permite a usuarios remotos autenticados provocar una denegación de servicio (referencia a puntero NULL y caída) a través de una cabecera manipulada en una petición (1) MOVE o (2) COPY, involucrando una verificación de autorización. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00044.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgJet+7_MAhomFVOXPgLtewcUw9w=k9zdPCkq5tvPxVMA%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ%40mail.gmail.com%3E http://subversion.apa •
CVSS: 4.0EPSS: 0%CPEs: 14EXPL: 0CVE-2015-3187 – subversion: svn_repos_trace_node_locations() reveals paths hidden by authz
https://notcve.org/view.php?id=CVE-2015-3187
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Vulnerabilidad en la función svn_repos_trace_node_locations en Apache Subversion en versiones anteriores a 1.7.21 y 1.8.x en versiones anteriores a 1.8.14, cuando se utiliza autorización basada en ruta, permite a usuarios remotos autenticados obtener información de ruta sensible leyendo el historial de un nodo que ha sido movido desde una ruta oculta. It was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved). • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00022.html http://rhn.redhat.com/errata/RHSA-2015-1633.html http://rhn.redhat.com/errata/RHSA-2015-1742.html http://subversion.apache.org/security/CVE-2015-3187-advisory.txt http://www.debian.org/security/2015/dsa-3331 http://www.securityfocus.com/bid/76273 http://www.securitytracker.com/id/1033215 http://www.ubuntu.com/usn/USN-2721-1 https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 10%CPEs: 21EXPL: 0CVE-2014-0032 – subversion: mod_dav_svn crash when handling certain requests with SVNListParentPath on
https://notcve.org/view.php?id=CVE-2014-0032
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command. la función get_resource en repos.c en el módulo mod_dav_svn en Apache Subversion anterior a 1.7.15 y 1.8.x anterior a 1.8.6, cuando SVNListParentPath está habilitado, permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores relacionados con la raíz del servidor y solicitudes diferentes a GET, tal como se ha demostrado con el comando "svn ls http://svn.example.com". • http://lists.opensuse.org/opensuse-updates/2014-02/msg00086.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00011.html http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C52D328AB.8090502%40reser.org%3E http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C871u0gqb0d.fsf%40ntlworld.com%3E http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3CCANvU9scLHr2yOLABW8q6_wNzhEf7pWM=NiavGcobqvUuyhKyAA%40mail.gmail.com%3E http://rhn.redhat.com/errata/ • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 1%CPEs: 24EXPL: 1CVE-2013-2088 – Subversion 1.6.6/1.6.12 - Code Execution
https://notcve.org/view.php?id=CVE-2013-2088
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename. contrib/hook-scripts/svn-keyword-check.pl en Subversion anterior a 1.6.23, permite a usuarios autenticados remotamente con permisos de "commit" la ejecución de comandos arbitrarios a través de metacaracteres shell en un nombre de archivo. Subversion versions 1.6.6 and 1.6.12 suffers from a code execution vulnerability. • https://www.exploit-db.com/exploits/40507 http://lists.opensuse.org/opensuse-updates/2013-07/msg00015.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18772 https://subversion.apache.org/security/ • CWE-20: Improper Input Validation •