Computer Security
[EN] securityvulns.ru no-pyccku


Apache Subversion security vulnerabilities
Published:24.08.2015
Source:
SecurityVulns ID:14638
Type:remote
Threat Level:
6/10
Description:Authentication bypass, unauthorized files access.
Affected:APACHE : Subversion 1.8
CVE:CVE-2015-3187 (The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.)
 CVE-2015-3184 (mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.)
Original documentdocumentUBUNTU, [USN-2721-1] Subversion vulnerabilities (24.08.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod