Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1290

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1290
Last Modified 20 Aug 2009 01:14:20
Published 24 Mar 2008 01:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1290

Summary

ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion (SVN) commits, which allows remote attackers to obtain sensitive information.

Vulnerable Systems

Application

  • Viewvc 1.0.2

  • Viewvc 1.0.3


References

BID - 28055

VUPEN - ADV-2008-0734

CONFIRM - http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD

GENTOO - GLSA-200803-29

SECUNIA - 29460

SECUNIA - 29176

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=212288

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380


Last Updated: 27 May 2016 10:47:06