Lucene search
K

4 matches found

Prion
Prion
added 2014/07/28 7:55 p.m.14 views

Code injection

The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for 1 svnwcsub.py or 2 irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on different affected versions...

2.4CVSS6.9AI score0.00613EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/07/28 7:0 p.m.61 views

CVE-2013-4262

CVE-2013-4262 concerns Subversion 1.8.0–1.8.3 where the --pidfile option, used with svnwcsub.py, permits local privilege escalation via a symlink attack on the pid file when running in foreground. The related CVE-2013-7393 covers the daemonize.py path that enables privilege gains for either svnwc...

2.4CVSS6.3AI score0.00613EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/12/20 12:0 a.m.31 views

Apache Subversion 1.4.x - 1.7.12 / 1.8.x < 1.8.3 Multiple Symlink File Overwrite Vulnerabilities

The version of Subversion Server installed on the remote host is prior to version 1.8.3. It is, therefore, affected by multiple symlink file overwrite vulnerabilities : - An error exists in the function 'handleoptions' in the file 'svnwcsub.py' that could allow a local attacker to use a symlink...

3.3CVSS8.4AI score0.00688EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2013/08/29 5:0 p.m.27 views

CVE-2013-4262

svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions ADT3. The irkerbridge.py issue is covered by...

2.4CVSS7.2AI score0.00613EPSS
Exploits0References1
Rows per page
Query Builder