Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2009/03/13 12:0 a.m.25 views

Gentoo Security Advisory GLSA 200903-20 (websvn)

The remote host is missing updates announced in advisory GLSA 200903-20. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

6.8CVSS6.5AI score0.06315EPSS
Exploits3References2
seebug.org
seebug.org
added 2009/02/19 12:0 a.m.33 views

WebSVN listing.php脚本绕过限制信息泄露漏洞

BUGTRAQ ID: 33343 CVECAN ID: CVE-2009-0240 WebSVN是用于在线查看源码库的工具。 WebSVN中的listing.php脚本在使用SVN authz文件时没有正确地限制对受限制代码库的访问,远程攻击者可以通过compare with previous和show changed files链接读取受限制项目的changelog或diff。 CollabNet WebSVN 2.0 CollabNet WebSVN 1.7 beta 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1725-1)以及相应补丁...

3.5CVSS0.1AI score0.01599EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/02/17 12:0 a.m.27 views

Debian DSA-1725-1 : websvn - programming error

Bas van Schaik discovered that WebSVN, a tool to view Subversion repositories over the web, did not properly restrict access to private repositories, allowing a remote attacker to read significant parts of their content. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

3.5CVSS5.4AI score0.01599EPSS
Exploits1References3
securityvulns
securityvulns
added 2009/02/16 12:0 a.m.105 views

[Full-disclosure] [SECURITY] [DSA 1725-1] New websvn packages fix information leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1725-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 15, 2009 http://www.debian.org/security/faq -...

3.5CVSS0.8AI score0.01599EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/02/13 12:0 a.m.37 views

FreeBSD Ports: websvn

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.8CVSS6.3AI score0.06315EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2009/01/23 12:0 a.m.31 views

WebSVN Script Multiple Vulnerabilities

This host is running WebSVN and is prone to Multiple Vulnerabilities. Vulnerability: Multiple flaws are due to, - input passed in the URL to index.php is not properly sanitised before being returned to the user. - input passed to the rev parameter in rss.php is not properly sanitised before being...

7.5CVSS6.3AI score0.06315EPSS
Exploits4References3
CVE
CVE
added 2009/01/21 2:0 a.m.78 views

CVE-2009-0240

CVE-2009-0240 affects WebSVN 2.0 (and possibly 1.7 beta). listing.php can expose restricted project changelogs/diffs when using an SVN authz file, via a manipulated repname parameter. Root cause is improper access control in listing.php. Impact: remote authenticated users can read restricted cont...

3.5CVSS6.1AI score0.01599EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder