Lucene search

FreeBSD5D36EF32-A9CF-11D8-9C6D-0020ED76EF5A

HistoryMay 19, 2004 - 12:00 a.m.

subversion date parsing vulnerability

2004-05-1900:00:00

vuxml.freebsd.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.964 High

EPSS

Percentile

99.5%

JSON

Stefan Esser reports:

Subversion versions up to 1.0.2 are vulnerable to a date
parsing vulnerability which can be abused to allow remote
code execution on Subversion servers and therefore could
lead to a repository compromise.

NOTE: This vulnerability is similar to the date
parsing issue that affected neon. However, it is a different
and distinct bug.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchsubversion< 1.0.2_1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	subversion	< 1.0.2_1	UNKNOWN

References

security.e-matters.de/advisories/082004.html

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.964 High

EPSS

Percentile

99.5%

JSON

Related for 5D36EF32-A9CF-11D8-9C6D-0020ED76EF5A