5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
subversion is vulnerable to authorization bypass. The vulnerability exists as through the way Subversion handled file names with newline characters when the FSFS repository format was used. An attacker with commit access to an SVN repository could corrupt a revision by committing a specially crafted file.
lists.opensuse.org/opensuse-updates/2013-07/msg00015.html
mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E
mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E
rhn.redhat.com/errata/RHSA-2014-0255.html
www.debian.org/security/2013/dsa-2703
www.ubuntu.com/usn/USN-1893-1
access.redhat.com/errata/RHSA-2014:0255
access.redhat.com/security/updates/classification/#moderate
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18986
subversion.apache.org/security/CVE-2013-1968-advisory.txt
subversion.apache.org/security/CVE-2013-2112-advisory.txt
subversion.apache.org/security/CVE-2014-0032-advisory.txt