3 matches found
SUSE CVE-2010-0005
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query...
CVE-2010-0005
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query...
openSUSE Security Update : viewvc (viewvc-1859)
The viewvc update fixes the following security problems : - add root listing support of per-root authz config CVE-2010-0004. - query.py requires 'forbidden' authorizer or none in config CVE-2010-0005. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...