Описание
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 1.3.1-3ubuntu1.2 |
| devel | not-affected | 1.6.12dfsg-2ubuntu1 |
| hardy | not-affected | 1.4.6dfsg1-2ubuntu1.1 |
| jaunty | ignored | end of life |
| karmic | released | 1.6.5dfsg-1ubuntu1.1 |
| lucid | released | 1.6.6dfsg-2ubuntu1.1 |
| maverick | released | 1.6.12dfsg-1ubuntu1.1 |
| upstream | released | 1.5.8,1.6.13,1.6.12dfsg-2 |
Показывать по
6 Medium
CVSS2
Связанные уязвимости
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distr ...
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
6 Medium
CVSS2