what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2015-3184

Status Candidate

Overview

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.

Related Files

Gentoo Linux Security Advisory 201610-05
Posted Oct 12, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201610-5 - Multiple vulnerabilities have been found in Subversion and Serf, the worst of which could lead to execution of arbitrary code. Versions less than 1.9.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0032, CVE-2014-3504, CVE-2014-3522, CVE-2014-3528, CVE-2015-0202, CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187, CVE-2015-5259, CVE-2016-2167, CVE-2016-2168
SHA-256 | 6fc3d8b062f4dd9dd7a5b8d8121065ad62aa138fd8e27bec35dc5e71fb9cd7e8
Apple Security Advisory 2016-03-21-4
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-4 - Xcode 7.3 is now available and addresses multiple code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-3184, CVE-2015-3187, CVE-2016-1765
SHA-256 | d45002641c3c19bee4fdec1c1a6e76827a26858fe07d85b7bd61d992c80bdafa
Red Hat Security Advisory 2015-1742-01
Posted Sep 8, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1742-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server to crash.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187
SHA-256 | 5598afe1762e5d2f9730eef6f62ee1c4319359beffb6f3ee693c7c00a2399fd6
Ubuntu Security Notice USN-2721-1
Posted Aug 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2721-1 - It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the Subversion mod_dav_svn module incorrectly handled requests requiring a lookup for a virtual transaction name that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-3580, CVE-2014-8108, CVE-2015-0202, CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187
SHA-256 | bf924d06c07de07ad62f90ddaca26ec6d2f16b7478d76f99c2a041bc556bda43
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close