Lucene search
Tenable8973.PRMHistoryOct 13, 2015 - 12:00 a.m.
Apache Subversion 1.7.x < 1.7.21 / 1.8.x < 1.8.14 Multiple Vulnerabilities
2015-10-1300:00:00
Tenable
www.tenable.com
28
The version of Apache Subversion installed on the remote host is 1.7.x prior to 1.7.21, or 1.8.x prior to 1.8.14 and is affected by the following vulnerabilities :
- A security bypass flaw affects the ‘mod_authz_svn’ module as it does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Subversion with Apache httpd 2.4. (CVE-2015-3184)
- An information disclosure flaw affects ‘authz’. Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz controls. (CVE-2015-3187)
Binary data 8973.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | subversion | cpe:/a:apache:subversion |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3187
subversion.apache.org/security
subversion.apache.org/security/CVE-2015-3184-advisory.txt
subversion.apache.org/security/CVE-2015-3187-advisory.txt
svn.apache.org/repos/asf/subversion/tags/1.7.21/CHANGES
svn.apache.org/repos/asf/subversion/tags/1.8.14/CHANGES
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0326)
2015-10-15 00:00:00
Debian: Security Advisory (DSA-3331-1)
2015-08-09 00:00:00
Apache Subversion Multiple Vulnerabilities (Aug 2015)
2015-08-18 00:00:00
archlinux
archlinux
subversion: authentication bypass
2015-08-14 00:00:00
securityvulns
securityvulns
Apache Subversion security vulnerabilities
2015-08-24 00:00:00
[USN-2721-1] Subversion vulnerabilities
2015-08-24 00:00:00
nessus
nessus
openSUSE Security Update : subversion (openSUSE-2015-549)
2015-08-19 00:00:00
FreeBSD : subversion -- multiple vulnerabilities (57bb5e3d-3c4f-11e5-a4d4-001e8c75030d)
2015-08-07 00:00:00
Debian DSA-3331-1 : subversion - security update
2015-08-13 00:00:00
debian
debian
[SECURITY] [DSA 3331-1] subversion security update
2015-08-10 18:21:41
[SECURITY] [DSA 3331-1] subversion security update
2015-08-10 18:22:09
[SECURITY] [DLA 293-1] subversion security update
2015-08-16 10:24:32
mageia
mageia
Updated subversion packages fix security vulnerabilities
2015-08-27 23:49:46
freebsd
freebsd
subversion -- multiple vulnerabilities
2015-07-27 00:00:00
osv
osv
subversion - security update
2015-08-10 00:00:00
subversion - security update
2015-08-16 00:00:00
apple
apple
About the security content of Xcode 7.3
2016-03-21 00:00:00
About the security content of Xcode 7.3 - Apple Support
2017-01-23 03:54:36
amazon
amazon
Important: mod_dav_svn, subversion
2016-03-29 15:30:00
oraclelinux
oraclelinux
subversion security update
2015-09-08 00:00:00
subversion security update
2015-08-17 00:00:00
redhat
redhat
(RHSA-2015:1742) Moderate: subversion security update
2015-09-08 00:00:00
(RHSA-2015:1633) Moderate: subversion security update
2015-08-17 00:00:00
centos
centos
mod_dav_svn, subversion security update
2015-09-08 21:07:49
mod_dav_svn, subversion security update
2015-08-17 15:33:54
fedora
fedora
[SECURITY] Fedora 22 Update: subversion-1.8.15-1.fc22
2016-02-29 22:28:19
ubuntucve
ubuntucve
CVE-2015-3187
2015-08-05 00:00:00
CVE-2015-3184
2015-08-05 00:00:00
prion
prion
Path traversal
2015-08-12 14:59:00
Path traversal
2015-08-12 14:59:00
cve
cve
CVE-2015-3187
2015-08-12 14:59:00
CVE-2015-3184
2015-08-12 14:59:00
debiancve
debiancve
CVE-2015-3187
2015-08-12 14:59:00
CVE-2015-3184
2015-08-12 14:59:00
f5
f5
K53556508 : Apache mod_authz_svn vulnerability CVE-2015-3184
2022-11-28 00:00:00
ubuntu
ubuntu
Subversion vulnerabilities
2015-08-20 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:17:54
Spoofable Server
2019-05-02 05:17:54
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00
Related for 8973.PRM