Download
| Alert*
|
oval:org.secpod.oval:def:42147
The host is installed with Xcode before 9.0 on Apple Mac OS X 10.12.6 or later and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle input validation. Successful exploitation may lead to arbitrary code execution oval:org.secpod.oval:def:2101120 A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another u ... oval:org.secpod.oval:def:42148 The host is missing a security update according to Apple advisory, APPLE-SA-2016-09-13-2. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to execute arb ... oval:org.secpod.oval:def:41756 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:57843 The host is installed with Apache Subversion 1.0.x before 1.8.19 or 1.9.x before 1.9.7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a maliciously constructed SVN URL. Successful exploitation could allow remote attackers to cau ... oval:org.secpod.oval:def:204624 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix: * A shell command injection flaw related to the handling of "svn+ssh" U ... oval:org.secpod.oval:def:1800180 A Subversion client sometimes connects to URLs provided by the repository.This happens in two primary cases: during "checkout", "export", "update", and"switch", when the tree being downloaded contains svn:externals properties;and when using "svnsync sync" with one URL argument. A maliciously constru ... oval:org.secpod.oval:def:1800244 A Subversion client sometimes connects to URLs provided by the repository.This happens in two primary cases: during "checkout", "export", "update", and"switch", when the tree being downloaded contains svn:externals properties;and when using "svnsync sync" with one URL argument. A maliciously constru ... oval:org.secpod.oval:def:1800003 A Subversion client sometimes connects to URLs provided by the repository.This happens in two primary cases: during "checkout", "export", "update", and"switch", when the tree being downloaded contains svn:externals properties;and when using "svnsync sync" with one URL argument. A maliciously constru ... oval:org.secpod.oval:def:1800051 A Subversion client sometimes connects to URLs provided by the repository.This happens in two primary cases: during "checkout", "export", "update", and"switch", when the tree being downloaded contains svn:externals properties; and when using "svnsync sync" with one URL argument. A maliciously constr ... oval:org.secpod.oval:def:1600761 Command injection through clients via malicious svn+ssh URLsA shell command injection flaw related to the handling of "svn+ssh" URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, f ... oval:org.secpod.oval:def:51870 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:53116 Several problems were discovered in Subversion, a centralised version control system. CVE-2017-9800 Joern Schneeweisz discovered that Subversion did not correctly handle maliciously constructed svn+ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via svn:external ... oval:org.secpod.oval:def:113052 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:703756 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:1501998 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:113087 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:502124 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix: * A shell command injection flaw related to the handling of "svn+ssh" U ... oval:org.secpod.oval:def:603050 Several problems were discovered in Subversion, a centralised version control system. CVE-2017-9800 Joern Schneeweisz discovered that Subversion did not correctly handle maliciously constructed svn+ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via svn:external ... |
