Lucene search
K

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.5 views

SUSE CVE-2009-5024

ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb rowlimit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a "query revision history" request...

5CVSS7AI score0.02644EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.20 views

openSUSE Security Update : viewvc (openSUSE-SU-2011:0529-1)

cvsdb.py in viewvc did not honor an admin defined row limit which could cause high load on the database server. viewvc was updated to version 1.1.11 which fixes the issue CVE-2009-5024. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

5CVSS5.3AI score0.02644EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.16 views

openSUSE Security Update : viewvc (openSUSE-SU-2011:0529-1)

cvsdb.py in viewvc did not honor an admin defined row limit which could cause high load on the database server. viewvc was updated to version 1.1.11 which fixes the issue CVE-2009-5024. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

5CVSS5.3AI score0.02644EPSS
Exploits0References3
securityvulns
securityvulns
added 2012/10/29 12:0 a.m.56 views

[SECURITY] [DSA 2563-1] viewvc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

5CVSS1.7AI score0.03085EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/10/29 12:0 a.m.26 views

Debian: Security Advisory (DSA-2563-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.03085EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/10/24 12:0 a.m.21 views

Debian DSA-2563-1 : viewvc - several vulnerabilities

Several vulnerabilities were found in ViewVC, a web interface for CVS and Subversion repositories. - CVE-2009-5024 Remote attackers can bypass the cvsdb rowlimit configuration setting, and consequently conduct resource-consumption attacks via the limit parameter. - CVE-2012-3356 The remote...

5CVSS4.6AI score0.03085EPSS
Exploits0References10
Debian
Debian
added 2012/10/23 4:59 p.m.23 views

[SECURITY] [DSA 2563-1] viewvc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

5CVSS6.5AI score0.03085EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/06/03 12:0 a.m.16 views

Fedora Update for viewvc FEDORA-2011-7222

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.5AI score0.02644EPSS
Exploits0References2
CVE
CVE
added 2011/05/23 10:0 p.m.67 views

CVE-2009-5024

CVE-2009-5024 affects ViewVC (CVS/Subversion web interface). The root cause: cvsdb.py did not honor an admin-defined row limit, enabling remote attackers to trigger resource consumption via the limit parameter, e.g., in the “query revision history” operation. Impact is elevated load on the databa...

5CVSS6.5AI score0.02644EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder