2570 matches found
GLSA-200406-07 : Subversion: Remote heap overflow
The remote host is affected by the vulnerability described in GLSA-200406-07 Subversion: Remote heap overflow The svn protocol parser trusts the indicated length of a URI string sent by a client. This allows a client to specify a very long string, thereby causing svnserve to allocate enough memor...
GLSA-200405-14 : Buffer overflow in Subversion
The remote host is affected by the vulnerability described in GLSA-200405-14 Buffer overflow in Subversion All releases of Subversion prior to 1.0.3 have a vulnerability in the date-parsing code. This vulnerability may allow denial of service or arbitrary code execution as the Subversion user. Bo...
GLSA-200407-20 : Subversion: Vulnerability in mod_authz_svn
The remote host is affected by the vulnerability described in GLSA-200407-20 Subversion: Vulnerability in modauthzsvn Users with write access to part of a Subversion repository may bypass read restrictions on any part of that repository. This can be done using an 'svn copy' command to copy the...
Subversion (SVN) Software Detection (deprecated)
Binary data 1226.prm...
Subversion (SVN) apr_time_t Data Conversion Remote Overflow (deprecated)
Binary data 1227.prm...
Subversion (SVN) < 1.0.6 Module File Restriction Bypass (deprecated)
Binary data 1964.prm...
Subversion (SVN) < 1.0.3 Remote Buffer Overflow (deprecated)
Binary data 2117.prm...
CVE-2004-0413
libsvnrasvn in Subversion 1.0.4 trusts the length field of 1 svn://, 2 svn+ssh://, and 3 other svn protocol URL strings, which allows remote attackers to cause a denial of service memory consumption and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer...
DEBIAN-CVE-2004-0413
libsvnrasvn in Subversion 1.0.4 trusts the length field of 1 svn://, 2 svn+ssh://, and 3 other svn protocol URL strings, which allows remote attackers to cause a denial of service memory consumption and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer...
CVE-2004-0413
libsvnrasvn in Subversion 1.0.4 trusts the length field of 1 svn://, 2 svn+ssh://, and 3 other svn protocol URL strings, which allows remote attackers to cause a denial of service memory consumption and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer...
IRM Security Advisory 9
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IRM Security Advisory No. 009 RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities Vulnerablity Type / Importance: Network Subversion, Open Proxy, Brute-For...
Subversion < 1.0.6 mod_authz_svn Restricted File Access Bypass
You are running a version of Subversion which is older than 1.0.6. A flaw exists in older version, in the apache module modauthzsvn. An attacker can access to any file in a given subversion repository, no matter what restrictions have been set by the administrator. C Tenable Network Security, Inc...
Subversion: Vulnerability in mod_authz_svn
Background Subversion is an advanced version control system, similar to CVS, which supports additional functionality such as the ability to move, copy and delete files and directories. A Subversion server may be run as an Apache module, a standalone server svnserve, or on-demand over ssh a la CVS...
SuSE-SA:2004:018: subversion
The remote host is missing the patch for the advisory SuSE-SA:2004:018 subversion. Subversion is a version control system like the well known CVS. The subversion code is vulnerable to a remotely exploitable buffer overflow on the heap. The bug appears before any authentication took place. An...
Fedora Core 2 : subversion-1.0.6-1 (2004-231)
This update includes the latest release of Subversion, including a security fix for an issue in the modauthzsvn Apache authentication module which could allow a read restriction for a portion of the repository to be bypassed by a user who has write access to a different portion of the repository...
Fedora Core 1 : subversion-0.32.1-2 (2004-127)
Stefan Esser discovered an issue in the date parsing routines in Subversion which allows a buffer overflow. An attacker could send malicious requests to a Subversion server either Apache-based using moddavsvn, or using the svnserve daemon and perform arbitrary execution of code. The Common...
Fedora Core 2 : subversion-1.0.2-2.1 (2004-128)
Stefan Esser discovered an issue in the date parsing routines in Subversion which allows a buffer overflow. An attacker could send malicious requests to a Subversion server either Apache-based using moddavsvn, or using the svnserve daemon and perform arbitrary execution of code. The Common...
CVE-2004-0397
Stack-based buffer overflow during the aprtimet data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a 1 DAV2 REPORT query or 2 get-dated-rev svn-protocol command...
DEBIAN-CVE-2004-0397
Stack-based buffer overflow during the aprtimet data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a 1 DAV2 REPORT query or 2 get-dated-rev svn-protocol command...
Immunity Canvas: SVNDATE
Name| svndate ---|--- CVE| CVE-2004-0397 Exploit Pack| CANVAS Description| Subversion = 1.0.2 utf-8 Apache2/WebDAV stack vs. heap exploit Notes| CVE Name: CVE-2004-0397 VENDOR: Collabnet OSVDB: http://osvdb.org/displayvuln.php?osvdbid=6301 Repeatability: Multiple tries References:...