Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0749
HistoryDec 23, 2004 - 5:00 a.m.

CVE-2004-0749

2004-12-2305:00:00
[email protected]
web.nvd.nist.gov
21
mod_authz_svn
subversion 1.0.7
vulnerability
remote access
sensitive information
nvd
cve-2004-0749

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.029 Low

EPSS

Percentile

90.9%

JSON

The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.

Affected configurations

NVD
Node
subversionsubversionMatch1.0
OR
subversionsubversionMatch1.0.1
OR
subversionsubversionMatch1.0.2
OR
subversionsubversionMatch1.0.3
OR
subversionsubversionMatch1.0.4
OR
subversionsubversionMatch1.0.5
OR
subversionsubversionMatch1.0.6
OR
subversionsubversionMatch1.0.7
OR
subversionsubversionMatch1.1.0_rc1
OR
subversionsubversionMatch1.1.0_rc2
OR
subversionsubversionMatch1.1.0_rc3
Node
gentoolinuxMatch0.5
OR
gentoolinuxMatch0.7
OR
gentoolinuxMatch1.1a
OR
gentoolinuxMatch1.2
OR
gentoolinuxMatch1.4
OR
gentoolinuxMatch1.4rc1
OR
gentoolinuxMatch1.4rc2
OR
gentoolinuxMatch1.4rc3

Related

freebsd 1
nessus 5
gentoo 1
openvas 6
debiancve 1
nvd 1
ubuntucve 1
cvelist 1
freebsd
freebsd
subversion -- WebDAV fails to protect metadata
2004-09-15 00:00:00
nessus
nessus
FreeBSD : subversion -- WebDAV fails to protect metadata (184f5d0b-0fe8-11d9-8a8a-000c41e2cdad)
2009-04-23 00:00:00
Fedora Core 2 : subversion-1.0.8-1 (2004-318)
2004-09-24 00:00:00
Subversion < 1.0.8 / 1.1.0-rc4 mod_authz_svn Unreadable Path Metadata Information Disclosure
2004-09-23 00:00:00
gentoo
gentoo
Subversion: Metadata information leak
2004-09-29 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200409-35 (Subversion)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200409-35 (Subversion)
2008-09-24 00:00:00
Subversion Module unreadeable path information disclosure
2005-11-03 00:00:00
debiancve
debiancve
CVE-2004-0749
2004-12-23 05:00:00
nvd
nvd
CVE-2004-0749
2004-12-23 05:00:00
ubuntucve
ubuntucve
CVE-2004-0749
2004-12-23 00:00:00
cvelist
cvelist
CVE-2004-0749
2004-11-19 05:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.029 Low

EPSS

Percentile

90.9%

JSON
Related for CVE-2004-0749
freebsd1nessus5gentoo1openvas6debiancve1nvd1ubuntucve1cvelist1