[Forgot Password]
Login  Register Subscribe

23631

 
 

114973

 
 

93458

 
 

909

 
 

76924

 
 

97

 
 
Paid content will be excluded from the download.

Filter
Matches : 42144 Download | Alert*

libapache2-mod-svn is installed

libsoup-gnome2.4-1 is installed

gir1.2-soup-2.4 is installed

The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, inc ...

Apache Software Foundation Subversion 1.9.0

Apache Software Foundation Subversion 1.9.1


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   4214

© 2016 SecPod Technologies