Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Subversion Module unreadeable path information disclosure

Information

Severity

Severity

Medium

Family

Family

Remote file access

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

18 years ago

Modified

Modified

5 years ago

Summary

You are running a version of Subversion which is older than 1.0.8 or 1.1.0-rc4. A flaw exist in older version, in the apache module mod_authz_svn, which fails to properly restrict access to metadata within unreadable paths. An attacker can read metadata in unreadable paths, which can contain sensitive information such as logs and paths.

Solution

Solution

Upgrade to subversion 1.0.8, 1.1.0-rc4 or newer

Common Vulnerabilities and Exposures (CVE)