Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2007-2448 | First vendor Publication | 2007-06-14 |
Vendor | Cve | Last vendor Modification | 2012-11-06 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:S/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | High |
Cvss Expoit Score | 3.9 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2448 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-02-04 | Name : Ubuntu Update for subversion vulnerabilities USN-1053-1 File : nvt/gb_ubuntu_USN_1053_1.nasl |
2009-02-27 | Name : Fedora Update for subversion FEDORA-2007-2635 File : nvt/gb_fedora_2007_2635_subversion_fc7.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36070 | Subversion (SVN) partial access Privilege Remote Information Disclosure Subversion (SVN) contains a flaw that may allow a remote attacker to gain access to sensitive information. The issue is due to the "partial access" privilege not being implemented correctly. This allows remote authenticated users to obtain sensitive information such as revision properties via the "svn propget", "svn proplist" and "svn propedit" commands. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1053-1.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2635.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-05 01:03:33 |
|
2021-05-04 12:05:43 |
|
2021-04-22 01:06:17 |
|
2020-05-23 01:38:10 |
|
2020-05-23 00:19:42 |
|
2016-06-28 16:26:27 |
|
2016-04-26 16:05:16 |
|
2014-02-17 10:40:05 |
|
2013-05-11 10:24:51 |
|