6 matches found
SUSE CVE-2008-1290
ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion SVN commits, which allows remote attackers to obtain sensitive information...
openSUSE Security Update : viewvc (viewvc-48)
This update of viewvc fixes multiple vulnerabilities. - CVE-2008-1290: list CVS or SVN commits on 'all-forbidden' files - CVE-2008-1291: directly access hidden CVSROOT folders - CVE-2008-1292: expose restricted content via the revision view, the log history, or the diff view %NASLMINLEVEL 70300 C...
Gentoo Security Advisory GLSA 200803-29 (viewvc)
The remote host is missing updates announced in advisory GLSA 200803-29. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE 10 Security Update : viewvc (viewvc-5358)
This update of viewvc fixes multiple vulnerabilities. - CVE-2008-1290: list CVS or SVN commits on 'all-forbidden' files - CVE-2008-1291: directly access hidden CVSROOT folders - CVE-2008-1292: expose restricted content via the revision view, the log history, or the diff view %NASLMINLEVEL 70300 C...
CVE-2008-1290
CVE-2008-1290 affects ViewVC before 1.0.5, where the search results may include "all-forbidden" files that list CVS/SVN commits. The underlying issue exposes sensitive information through these files, enabling remote disclosure of data. Public advisories (Red Hat, openSUSE/SUSE, Gentoo/OpenVAS en...
[ GLSA 200803-29 ] ViewVC: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 200803-29 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...