Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12025
HistoryAug 11, 2009 - 12:00 a.m.

Subversion libsvn_delta库整数溢出漏洞

2009-08-1100:00:00
Root
www.seebug.org
11

0.052 Low

EPSS

Percentile

92.2%

JSON

BUGTRAQ ID: 35983
CVE(CAN) ID: CVE-2009-2411

Subversion是一款开放源码的多用户版本控制系统,支持非ASCII 文本和二进制数据。

Subversion的libsvn_delta库没有充分地验证svndiff流,处理带有超大窗口的流可能触发最终可导致堆溢出的整数溢出漏洞。拥有对代码库commit访问权限的攻击者可以利用这个漏洞在Subversion Server服务器上执行任意代码。

Subversion Subversion < 1.5.7
Subversion Subversion 1.6.0 - 1.6.3
厂商补丁:

Subversion

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://subversion.tigris.org/

Related

openvas 30
nessus 19
centos 1
slackware 1
freebsd 1
oraclelinux 1
redhat 1
altlinux 1
gentoo 1
veracode 1
fedora 2
debian 1
ubuntu 1
ubuntucve 1
prion 1
securityvulns 2
suse 1
debiancve 1
cve 1
openvas
openvas
CentOS Update for mod_dav_svn CESA-2009:1203 centos5 i386
2011-08-09 00:00:00
CentOS Security Advisory CESA-2009:1203 (subversion)
2009-08-17 00:00:00
RedHat Security Advisory RHSA-2009:1203
2009-08-17 00:00:00
nessus
nessus
RHEL 4 / 5 : subversion (RHSA-2009:1203)
2009-08-11 00:00:00
Oracle Linux 4 / 5 : subversion (ELSA-2009-1203)
2013-07-12 00:00:00
Debian DSA-1855-1 : subversion - heap overflow
2010-02-24 00:00:00
centos
centos
mod_dav_svn, subversion security update
2009-08-11 21:17:40
slackware
slackware
subversion
2009-08-07 00:58:39
freebsd
freebsd
subversion -- heap overflow vulnerability
2009-08-06 00:00:00
oraclelinux
oraclelinux
subversion security update
2009-08-10 00:00:00
redhat
redhat
(RHSA-2009:1203) Important: subversion security update
2009-08-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package subversion version 1.6.4-alt1
2009-08-18 00:00:00
gentoo
gentoo
Subversion: Remote execution of arbitrary code
2009-08-18 00:00:00
veracode
veracode
Remote Code Execution(RCE)
2020-04-10 00:39:59
fedora
fedora
[SECURITY] Fedora 10 Update: subversion-1.6.4-2.fc10
2009-08-10 21:48:46
[SECURITY] Fedora 11 Update: subversion-1.6.4-2.fc11
2009-08-10 21:53:56
debian
debian
[SECURITY] [DSA 1855-1] New subversion packages fix arbitrary code execution
2009-08-08 19:07:27
ubuntu
ubuntu
Subversion vulnerability
2009-08-08 00:00:00
ubuntucve
ubuntucve
CVE-2009-2411
2009-08-07 00:00:00
prion
prion
Integer overflow
2009-08-07 19:30:00
securityvulns
securityvulns
Subversion / APR multiple buffer overflows
2009-08-08 00:00:00
Subversion heap overflow
2009-08-08 00:00:00
suse
suse
remote code execution in subversion
2009-08-14 11:06:32
debiancve
debiancve
CVE-2009-2411
2009-08-07 19:30:00
cve
cve
CVE-2009-2411
2009-08-07 19:30:00

0.052 Low

EPSS

Percentile

92.2%

JSON
Related for SSV:12025
openvas30nessus19centos1slackware1freebsd1oraclelinux1redhat1altlinux1gentoo1veracode1fedora2debian1ubuntu1ubuntucve1prion1securityvulns2suse1debiancve1cve1