Gentoo Linux Security Advisory 201309-11 - Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. Versions less than 1.7.13 are affected.
bfe40a4d66f395924c269877ddf68f495d3d3de142a58bf24a97c981c9b7c9d4Mandriva Linux Security Advisory 2011-067 - The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service via a request that contains a lock token. Additionally for Corporate Server 4 and Enterprise Server 5 subversion have been upgraded to the 1.6.16 version due to of numerous upstream fixes and new features, the serf packages has also been upgraded to the now required 0.3.0 version.
3cec616a438351034abd1c3dda5c73b15ac0e5c808ea9988cf3f894ae6f07cdaUbuntu Security Notice 1096-1 - Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.
caf09d37d15cd9024d30be254cdbcd8d0dec859eca34954ae6628f15010273e9Debian Linux Security Advisory 2182-1 - Dominik George discovered that logwatch does not guard against shell meta-characters in crafted log file names (such as those produced by Samba). As a result, an attacker might be able to execute shell commands on the system running logwatch.
548c3405f723bbc0a955c810f5dbbc1ee409bd46f33395e87ee981bc1dff36bcDebian Linux Security Advisory 2181-1 - Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access.
e279a1bcfe680594e3d3bf9362b9c8c66ae64ddd00c4ec601e1ee978f8fea16d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed