Описание
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1.1.5-1 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | not-affected | 1.1.5-1 |
| natty | not-affected | 1.1.5-1 |
| oneiric | not-affected | 1.1.5-1 |
Показывать по
10
Ссылки на источники
5 Medium
CVSS2
Связанные уязвимости
nvd
около 16 лет назад
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
debian
около 16 лет назад
ViewVC before 1.1.3 composes the root listing view without using the a ...
github
почти 4 года назад
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
5 Medium
CVSS2