Lucene search
MitreCVELIST:CVE-2008-1292HistoryMar 24, 2008 - 5:00 p.m.
CVE-2008-1292
2008-03-2417:00:00
mitre
www.cve.org
ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended, which allows remote attackers to obtain sensitive information by reading (1) forbidden pathnames in the revision view, (2) log history that can only be reached by traversing a forbidden object, or (3) forbidden diff view path parameters.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380
bugs.gentoo.org/show_bug.cgi?id=212288
secunia.com/advisories/29176
secunia.com/advisories/29460
security.gentoo.org/glsa/glsa-200803-29.xml
viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD
www.securityfocus.com/bid/28055
www.vupen.com/english/advisories/2008/0734/references
Related
debiancve
debiancve
CVE-2008-1292
2008-03-24 17:44:00
prion
prion
Design/Logic Flaw
2008-03-24 17:44:00
redhatcve
redhatcve
CVE-2008-1292
2019-10-04 21:57:44
ubuntucve
ubuntucve
CVE-2008-1292
2008-03-24 00:00:00
nvd
nvd
CVE-2008-1292
2008-03-24 17:44:00
cve
cve
CVE-2008-1292
2008-03-24 17:44:00
gentoo
gentoo
ViewVC: Multiple vulnerabilities
2008-03-19 00:00:00
nessus
nessus
openSUSE Security Update : viewvc (viewvc-48)
2009-07-21 00:00:00
GLSA-200803-29 : ViewVC: Multiple vulnerabilities
2008-03-21 00:00:00
openSUSE 10 Security Update : viewvc (viewvc-5358)
2008-08-01 00:00:00
securityvulns
securityvulns
[ GLSA 200803-29 ] ViewVC: Multiple vulnerabilities
2008-03-20 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200803-29 (viewvc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200803-29 (viewvc)
2008-09-24 00:00:00
SuSE Update for net-snmp SUSE-SA:2008:039
2009-01-23 00:00:00
suse
suse
authentication bypass, denial-of-service in net-snmp
2008-08-01 13:33:56