Lucene search

K

RedhatCVELIST:CVE-2014-3528

HistoryAug 19, 2014 - 6:00 p.m.

CVE-2014-3528

2014-08-1918:00:00

redhat

www.cve.org

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.

References

lists.apple.com/archives/security-announce/2015/Mar/msg00003.html

lists.opensuse.org/opensuse-updates/2014-08/msg00038.html

rhn.redhat.com/errata/RHSA-2015-0165.html

rhn.redhat.com/errata/RHSA-2015-0166.html

secunia.com/advisories/59432

secunia.com/advisories/59584

secunia.com/advisories/60722

subversion.apache.org/security/CVE-2014-3528-advisory.txt

www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

www.securityfocus.com/bid/68995

www.ubuntu.com/usn/USN-2316-1

security.gentoo.org/glsa/201610-05

support.apple.com/HT204427

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

Related for CVELIST:CVE-2014-3528

fedora1 mageia2 openvas11 veracode2 nvd1 cve1 nessus18 ubuntucve1 debiancve1 prion1 oraclelinux2 freebsd1 redhat2 centos2 securityvulns2 ubuntu1 gentoo1