Lucene search
Arch LinuxASA-201606-6HistoryJun 08, 2016 - 12:00 a.m.
subversion: multiple issues
2016-06-0800:00:00
Arch Linux
lists.archlinux.org
22
EPSS
0.084
Percentile
94.4%
- CVE-2016-2167 (authentication restriction bypass)
The canonicalize_username function in svnserve/cyrus_auth.c, when Cyrus
SASL authentication is used, allows remote attackers to authenticate
and bypass intended access restrictions via a realm string that is a
prefix of an expected repository realm string.
- CVE-2016-2168 (denial of service)
The req_check_access function in the mod_authz_svn module in the httpd
server allows remote authenticated users to cause a denial of service
(NULL pointer dereference and crash) via a crafted header in a (1) MOVE
or (2) COPY request, involving an authorization check.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| any | any | any | subversion | < 1.9.4-1 | UNKNOWN |
Related
mageia
mageia
Updated subversion packages fix security vulnerabilities
2016-05-05 12:05:33
amazon
amazon
Medium: subversion
2016-06-02 18:08:00
Medium: mod_dav_svn
2016-06-02 18:09:00
osv
osv
subversion - security update
2016-04-29 00:00:00
subversion - security update
2016-05-01 00:00:00
libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media
2024-06-15 00:00:00
freebsd
freebsd
subversion -- multiple vulnerabilities
2016-04-21 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0161)
2016-05-09 00:00:00
Debian Security Advisory DSA 3561-1 (subversion - security update)
2016-04-29 00:00:00
Debian: Security Advisory (DLA-448-1)
2023-03-08 00:00:00
kaspersky
kaspersky
KLA10808 Multiple vulnerabilities in Apache Subversion
2016-05-05 00:00:00
nessus
nessus
Amazon Linux AMI : subversion (ALAS-2016-709)
2016-06-06 00:00:00
Apache Subversion 1.8.x < 1.8.16 / 1.9.x < 1.9.4 Multiple Vulnerabilities
2016-02-05 00:00:00
Debian DSA-3561-1 : subversion - security update
2016-05-02 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: subversion-1.9.4-1.fc23
2016-05-12 07:32:42
[SECURITY] Fedora 24 Update: subversion-1.9.4-1.fc24
2016-05-10 11:50:37
debian
debian
[SECURITY] [DLA 448-1] subversion security update
2016-05-01 02:26:52
[SECURITY] [DSA 3561-1] subversion security update
2016-04-29 13:04:16
[SECURITY] [DSA 3561-1] subversion security update
2016-04-29 13:04:16
slackware
slackware
[slackware-security] subversion
2016-04-30 20:34:18
ubuntu
ubuntu
Subversion vulnerabilities
2017-10-24 00:00:00
Subversion vulnerabilities
2017-08-11 00:00:00
debiancve
debiancve
CVE-2016-2167
2016-05-05 18:59:00
CVE-2016-2168
2016-05-05 18:59:01
cvelist
cvelist
CVE-2016-2167
2016-05-05 18:00:00
CVE-2016-2168
2016-05-05 18:00:00
nvd
nvd
CVE-2016-2168
2016-05-05 18:59:01
CVE-2016-2167
2016-05-05 18:59:00
prion
prion
Null pointer dereference
2016-05-05 18:59:00
Design/Logic Flaw
2016-05-05 18:59:00
cve
cve
CVE-2016-2167
2016-05-05 18:59:00
CVE-2016-2168
2016-05-05 18:59:01
ubuntucve
ubuntucve
CVE-2016-2168
2016-05-05 00:00:00
CVE-2016-2167
2016-05-05 00:00:00
photon
photon
cloudfoundry
cloudfoundry
USN-3388-1: Subversion vulnerabilities | Cloud Foundry
2017-08-17 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1979
2021-07-02 18:11:52
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00