Lucene search
GoogleOSV:DSA-3137-1HistoryJan 24, 2015 - 12:00 a.m.
websvn - security update
2015-01-2400:00:00
Google
osv.dev
4
0.002 Low
EPSS
Percentile
54.7%
James Clawson discovered that websvn, a web viewer for Subversion
repositories, would follow symlinks in a repository when presenting a
file for download. An attacker with repository write access could
thereby access any file on disk readable by the user the webserver
runs as.
For the stable distribution (wheezy), this problem has been fixed in
version 2.3.3-1.1+deb7u1.
For the unstable distribution (sid), this problem has been fixed in
version 2.3.3-1.2.
We recommend that you upgrade your websvn packages.
References
Related
nessus
nessus
Fedora 20 : websvn-2.3.3-8.fc20 (2015-1439)
2015-02-09 00:00:00
FreeBSD : websvn -- information disclosure (f69e1f09-e39b-11e5-9f77-5453ed2e2b49)
2016-03-07 00:00:00
Debian DLA-136-1 : websvn security update
2015-03-26 00:00:00
freebsd
freebsd
websvn -- information disclosure
2015-01-18 00:00:00
openvas
openvas
Fedora Update for websvn FEDORA-2015-1465
2015-02-09 00:00:00
Fedora Update for websvn FEDORA-2015-1439
2015-02-09 00:00:00
Debian: Security Advisory (DSA-3137-1)
2015-01-23 00:00:00
cve
cve
CVE-2013-6892
2015-01-21 18:59:00
fedora
fedora
[SECURITY] Fedora 20 Update: websvn-2.3.3-8.fc20
2015-02-08 08:59:42
[SECURITY] Fedora 21 Update: websvn-2.3.3-8.fc21
2015-02-08 08:57:41
cvelist
cvelist
CVE-2013-6892
2015-01-21 18:00:00
debian
debian
[SECURITY] [DSA 3137-1] websvn security update
2015-01-24 19:17:12
[SECURITY] [DSA 3137-1] websvn security update
2015-01-24 19:17:12
[SECURITY] [DLA 136-1] websvn security update
2015-01-24 19:18:22
prion
prion
Code injection
2015-01-21 18:59:00
ubuntucve
ubuntucve
CVE-2013-6892
2015-01-21 00:00:00
nvd
nvd
CVE-2013-6892
2015-01-21 18:59:00
osv
osv
websvn - security update
2015-01-24 00:00:00