Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-0749
HistoryDec 23, 2004 - 5:00 a.m.

CVE-2004-0749

2004-12-2305:00:00
mitre
web.nvd.nist.gov
33
mod_authz_svn
subversion 1.0.7
vulnerability
remote access
sensitive information
nvd
cve-2004-0749

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.029

Percentile

90.8%

JSON

The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.

Affected configurations

Nvd
Node
subversionsubversionMatch1.0
OR
subversionsubversionMatch1.0.1
OR
subversionsubversionMatch1.0.2
OR
subversionsubversionMatch1.0.3
OR
subversionsubversionMatch1.0.4
OR
subversionsubversionMatch1.0.5
OR
subversionsubversionMatch1.0.6
OR
subversionsubversionMatch1.0.7
OR
subversionsubversionMatch1.1.0_rc1
OR
subversionsubversionMatch1.1.0_rc2
OR
subversionsubversionMatch1.1.0_rc3
Node
gentoolinuxMatch0.5
OR
gentoolinuxMatch0.7
OR
gentoolinuxMatch1.1a
OR
gentoolinuxMatch1.2
OR
gentoolinuxMatch1.4
OR
gentoolinuxMatch1.4rc1
OR
gentoolinuxMatch1.4rc2
OR
gentoolinuxMatch1.4rc3
VendorProductVersionCPE
subversionsubversion1.0cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*
subversionsubversion1.0.1cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*
subversionsubversion1.0.2cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*
subversionsubversion1.0.3cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*
subversionsubversion1.0.4cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*
subversionsubversion1.0.5cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*
subversionsubversion1.0.6cpe:2.3:a:subversion:subversion:1.0.6:*:*:*:*:*:*:*
subversionsubversion1.0.7cpe:2.3:a:subversion:subversion:1.0.7:*:*:*:*:*:*:*
subversionsubversion1.1.0_rc1cpe:2.3:a:subversion:subversion:1.1.0_rc1:*:*:*:*:*:*:*
subversionsubversion1.1.0_rc2cpe:2.3:a:subversion:subversion:1.1.0_rc2:*:*:*:*:*:*:*
Rows per page:
1-10 of 191

Related

debiancve 1
openvas 6
nvd 1
nessus 5
gentoo 1
freebsd 1
cvelist 1
ubuntucve 1
debiancve
debiancve
CVE-2004-0749
2004-12-23 05:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200409-35 (Subversion)
2008-09-24 00:00:00
Subversion Module unreadeable path information disclosure
2005-11-03 00:00:00
Gentoo Security Advisory GLSA 200409-35 (Subversion)
2008-09-24 00:00:00
nvd
nvd
CVE-2004-0749
2004-12-23 05:00:00
nessus
nessus
Subversion < 1.0.8 / 1.1.0-rc4 mod_authz_svn Unreadable Path Metadata Information Disclosure
2004-09-23 00:00:00
FreeBSD : subversion -- WebDAV fails to protect metadata (184f5d0b-0fe8-11d9-8a8a-000c41e2cdad)
2009-04-23 00:00:00
Fedora Core 2 : subversion-1.0.8-1 (2004-318)
2004-09-24 00:00:00
gentoo
gentoo
Subversion: Metadata information leak
2004-09-29 00:00:00
freebsd
freebsd
subversion -- WebDAV fails to protect metadata
2004-09-15 00:00:00
cvelist
cvelist
CVE-2004-0749
2004-11-19 05:00:00
ubuntucve
ubuntucve
CVE-2004-0749
2004-12-23 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.029

Percentile

90.8%

JSON
Related for CVE-2004-0749
debiancve1openvas6nvd1nessus5gentoo1freebsd1cvelist1ubuntucve1