Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0240

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2009-0240
Last Modified 12 Sep 2011 10:59:53
Published 20 Jan 2009 09:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2009-0240

Summary

listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.

Vulnerable Systems

Application

  • Tigris Websvn 2.0


References

XF - websvn-listing-information-disclosure(48171)

MLIST - [oss-security] 20090118 CVE request: WebSVN

GENTOO - GLSA-200903-20

DEBIAN - DSA-1725

SECUNIA - 34191

SECUNIA - 33945

SECUNIA - 32338

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512191


Last Updated: 27 May 2016 10:50:10