CVE-2009-0240
First published: Wed Jan 21 2009(Updated: )
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tigris Websvn | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2009/01/18/2
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512191
- http://secunia.com/advisories/32338
- http://www.gentoo.org/security/en/glsa/glsa-200903-20.xml
- http://secunia.com/advisories/34191
- http://www.debian.org/security/2009/dsa-1725
- http://secunia.com/advisories/33945
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48171
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/tigris
- canonical/tigris websvn
- version/tigris websvn/2.0