3 matches found
subversion: (mod_dav_svn) spoofing svn:author property values for new revisions
It was found that the moddavsvn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property...
subversion: (mod_dav_svn) spoofing svn:author property values for new revisions
It was found that the moddavsvn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property...
Apache Subversion mod_dav_svn server new revision svn:author attribute value spoofing vulnerability
Subversion is an open source multi-user version control system that supports non-ASCII text and binary data. The Subversion moddavsvn server allows arbitrary setting of the svn:author attribute value when submitting new revisions. This allows an attacker to use a carefully constructed sequence of...