10 matches found
Medium: subversion
Issue Overview: The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request. The...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
Updated subversion package fixes security vulnerabilities
moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many cases. As a result these clients are not blocked as configured b...
FreeBSD : subversion -- multiple vulnerabilities (e3244a7b-5603-11e3-878d-20cf30e32f6d)
Subversion Project reports : moddontdothat does not restrict requests from serf based clients moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs...
subversion -- multiple vulnerabilities
Subversion Project reports: moddontdothat does not restrict requests from serf based clients moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs...
MPack with virtual hosting and PHP security-vulnerability warning-the black bar safety net
MPack is by a self-proclaimed "Dream Coders Team" of the organization development of the PHP program, which contain a number of the latest exploit code can be used to manipulate the distal end of attacks on Panda Labs at the end of last year when for the first time found that, at the time someone...
Invision Power Board Privilege Esaclation (2.0.1 + more)
--------- Title: Invision Power Board --------- Version: 2.0.1 maybe more --------- Severity: Low --------- Info: Invision Board Admin able to execute arbitrary code as uid of the apache process. ---------- Bugs: 1 Fails to jail location of Task Managers scripts and allows directory traversal. 2...
[Full-disclosure] Invision Power Board Privilege Escalation (2.0.1 + more)
--------- Title: Invision Power Board --------- Version: 2.0.1 maybe more --------- Severity: Low --------- Info: Invision Board Admin able to execute arbitrary code as uid of the apache process. ---------- Bugs: 1 Fails to jail location of Task Managers scripts and allows directory traversal. 2...