Download
| Alert*
|
oval:org.secpod.oval:def:1600360
mod24_dav_svn is installed oval:org.secpod.oval:def:1600359 It was found that when an SVN server searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable . An integer overflow was discovered allowing remote attackers to execute arbitrary code via an svn:// protocol string, whi ... oval:org.secpod.oval:def:1600414 The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository ... oval:org.secpod.oval:def:1600503 An authenticated remote attacker can cause denial-of-service conditions on the server using mod_dontdothat by sending a specially crafted REPORT request. The attack does not require access to a particular repository. |
