Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0749 | First vendor Publication | 2004-12-23 |
Vendor | Cve | Last vendor Modification | 2017-07-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0749 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-35 (Subversion) File : nvt/glsa_200409_35.nasl |
2008-09-04 | Name : FreeBSD Ports: subversion, subversion-perl, subversion-python File : nvt/freebsd_subversion.nasl |
2005-11-03 | Name : Subversion Module unreadeable path information disclosure File : nvt/subversion_1_0_8.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10217 | Subversion (SVN) mod_authz_svn Unreadable Path Metadata Information Disclosure Subversion contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a Subversion commit affects paths that an administrator has marked "unreadable" using mod_authz_svn occurs, which will disclose metadata information about the unreadable paths resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_184f5d0b0fe811d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2004-10-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200409-35.nasl - Type : ACT_GATHER_INFO |
2004-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-318.nasl - Type : ACT_GATHER_INFO |
2004-09-23 | Name : The remote host has an application that is affected by an information disclos... File : subversion_1_0_8.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:02:23 |
|
2021-04-22 01:02:32 |
|
2020-05-23 00:15:51 |
|
2017-07-11 12:01:29 |
|
2014-02-17 10:27:54 |
|
2013-05-11 11:42:37 |
|