Lucene search
Ubuntu.comUB:CVE-2013-4277HistorySep 16, 2013 - 12:00 a.m.
CVE-2013-4277
2013-09-1600:00:00
ubuntu.com
ubuntu.com
8
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1
allows local users to overwrite arbitrary files or kill arbitrary processes
via a symlink attack on the file specified by the --pid-file option.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | pid file is not created by default on Ubuntu. This is only an issue if someone specifies a pid file in an insecure location. as such, we will not be fixing this. |
Related
nessus
nessus
Slackware 14.0 / current : subversion (SSA:2013-251-01)
2013-09-10 00:00:00
Mandriva Linux Security Advisory : subversion (MDVSA-2013:236)
2013-09-18 00:00:00
Fedora 19 : subversion-1.7.13-1.fc19 (2013-15717)
2013-09-08 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: subversion-1.7.13-1.fc19
2013-09-08 00:33:23
openvas
openvas
Fedora Update for subversion FEDORA-2013-15717
2013-09-12 00:00:00
Slackware: Security Advisory (SSA:2013-251-01)
2022-04-21 00:00:00
Fedora Update for subversion FEDORA-2013-15717
2013-09-12 00:00:00
securityvulns
securityvulns
[slackware-security] subversion (SSA:2013-251-01)
2013-09-11 00:00:00
Subversion symbolic links vulnerabilitiy
2013-09-11 00:00:00
freebsd
freebsd
debiancve
debiancve
CVE-2013-4277
2013-09-16 19:14:00
prion
prion
Design/Logic Flaw
2013-09-16 19:14:00
cve
cve
CVE-2013-4277
2013-09-16 19:14:00
slackware
slackware
[slackware-security] subversion
2013-09-09 07:00:05
cvelist
cvelist
CVE-2013-4277
2013-09-16 19:00:00
mageia
mageia
Updated subversion package fixes security vulnerability.
2013-09-14 00:14:09
gentoo
gentoo
Subversion: Multiple vulnerabilities
2013-09-23 00:00:00
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for UB:CVE-2013-4277