Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0749HistoryDec 23, 2004 - 5:00 a.m.
CVE-2004-0749
2004-12-2305:00:00
Debian Security Bug Tracker
security-tracker.debian.org
8
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.029 Low
EPSS
Percentile
90.8%
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | subversion | < 1.0.9-2 | subversion_1.0.9-2_all.deb |
| Debian | 11 | all | subversion | < 1.0.9-2 | subversion_1.0.9-2_all.deb |
| Debian | 999 | all | subversion | < 1.0.9-2 | subversion_1.0.9-2_all.deb |
| Debian | 13 | all | subversion | < 1.0.9-2 | subversion_1.0.9-2_all.deb |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200409-35 (Subversion)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200409-35 (Subversion)
2008-09-24 00:00:00
Subversion Module unreadeable path information disclosure
2005-11-03 00:00:00
freebsd
freebsd
subversion -- WebDAV fails to protect metadata
2004-09-15 00:00:00
nessus
nessus
gentoo
gentoo
Subversion: Metadata information leak
2004-09-29 00:00:00
nvd
nvd
CVE-2004-0749
2004-12-23 05:00:00
cve
cve
CVE-2004-0749
2004-12-23 05:00:00
ubuntucve
ubuntucve
CVE-2004-0749
2004-12-23 00:00:00
cvelist
cvelist
CVE-2004-0749
2004-11-19 05:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.029 Low
EPSS
Percentile
90.8%
Related for DEBIANCVE:CVE-2004-0749