Описание
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.6.12dfsg-4ubuntu5 |
| hardy | ignored | end of life |
| lucid | released | 1.6.6dfsg-2ubuntu1.3 |
| maverick | released | 1.6.12dfsg-1ubuntu1.3 |
| natty | released | 1.6.12dfsg-4ubuntu2.1 |
| upstream | released | 1.6.17 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
EPSS
4.3 Medium
CVSS2