[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Subversion on Bugtraq
From: |
Colorless |
Subject: |
[Monotone-devel] Subversion on Bugtraq |
Date: |
Mon, 7 Mar 2005 17:11:52 -0800 (PST) |
FWIW:
3. Problem description:
Subversion versions up to 1.0.2 are vulnerable to a date parsing
vulnerability which can be abused to allow remote code execution on
Subversion servers and therefore could lead to a repository compromise.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0397 to this issue.
Subversion versions up to and including 1.0.4 have a potential Denial of
Service and Heap Overflow issue related to the parsing of strings in the
'svn://' family of access protocols. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0413 to
this issue.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Monotone-devel] Subversion on Bugtraq,
Colorless <=