Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200407-20 Low Severity: Subversion Access Bypass

gentoo
Calendar Grey July 26, 2004
Dist Gentoo Esm H88
Gentoo GLSA 202210-45 highlights a minor severity information exposure flaw affecting mod_authz_svn, allowing unauthorized access through Subversion.
Users with write access to parts of a Subversion repository may bypass read restrictions in mod_authz_svn and read any part of the repository they wish

Summary

Gentoo Linux Security Advisory GLSA 200407-20 https://security.gentoo.org/ Severity: Low Title: Subversion: Vulnerability in mod_authz_svn Date: July 26, 2004 Bugs: #57747 ID: 200407-20

Synopsis ======= Users with write access to parts of a Subversion repository may bypass read restrictions in mod_authz_svn and read any part of the repository they wish.
Background ========= Subversion is an advanced version control system, similar to CVS, which supports additional functionality such as the ability to move, copy and delete files and directories. A Subversion server may be run as an Apache module, a standalone server (svnserve), or on-demand over ssh (a la CVS' ":ext:" protocol). The mod_authz_svn Apache module works with Subversion in Apache to limit access to parts of Subversion repositories based on policy set by the administrator.
Affected packages ================ ----------------...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory subversion gentoo access control low severity information disclosure mod_authz_svn

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory subversion gentoo access control low severity information disclosure mod_authz_svn

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here