Описание
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.8.10-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.8.8-1ubuntu3.1]] |
| lucid | ignored | end of life |
| precise | released | 1.6.17dfsg-3ubuntu3.4 |
| trusty | released | 1.8.8-1ubuntu3.1 |
| trusty/esm | DNE | trusty was released [1.8.8-1ubuntu3.1] |
| upstream | released | 1.7.18,1.8.10 |
Показывать по
EPSS
4 Medium
CVSS2
Связанные уязвимости
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1 ...
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
Уязвимость программного обеспечения Apache Subversion, позволяющая удаленному злоумышленнику нарушить конфиденциальность и целостность защищаемой информации
EPSS
4 Medium
CVSS2