10 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-4277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a...
Mageia: Security Advisory (MGASA-2013-0275)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201309-11
Gentoo Linux Local Security Checks GLSA 201309-11 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Apache Subversion 1.4.x - 1.7.12 / 1.8.x < 1.8.3 Multiple Symlink File Overwrite Vulnerabilities
The version of Subversion Server installed on the remote host is prior to version 1.8.3. It is, therefore, affected by multiple symlink file overwrite vulnerabilities : - An error exists in the function 'handleoptions' in the file 'svnwcsub.py' that could allow a local attacker to use a symlink...
Mandriva Linux Security Advisory : subversion (MDVSA-2013:236)
Updated subversion package fixes security vulnerability : svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has been directed at is not a symlink. If the pid file is in a directory writeable by...
CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...
CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...
CVE-2013-4277
CVE-2013-4277 affects Svnserve in Apache Subversion; affected versions are 1.4.0–1.7.12 and 1.8.0–1.8.1. Local users can overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option. Root cause: symlink race on pid-file handling. Impact...
Updated subversion package fixes security vulnerability.
svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has been directed at is not a symlink. If the pid file is in a directory writeable by unprivileged users, the destination could be replaced by a...
Fedora Update for subversion FEDORA-2013-15717
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...