CVE

CVE-2017-9800
Date: (C) 2017-08-16, (M) 2018-09-27


A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to an honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score: 9.8
Exploit Score: 3.9
Impact Score: 5.9

CVSS V3 Metrics:
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

CVSS V2 Severity:
CVSS Score: 7.5
Exploit Score: 10.0
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-100259
SECTRACK-1039127
http://www.securityfocus.com/archive/1/archive/1/540999/100/0/threaded
DSA-3932
GLSA-201709-09
RHSA-2017:2480
https://lists.apache.org/thread.html/cb607dc2f13bab9769147759ddccb14a4f9d8e5cdcad5e99c0d03b63@%3Cannounce.apache.org%3E
http://packetstormsecurity.com/files/143722/Apache-Subversion-Arbitrary-Code-Execution.html
https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2017-08-11-933099891.html
https://subversion.apache.org/security/CVE-2017-9800-advisory.txt
https://support.apple.com/HT208103

CPE (12)
cpe:/a:apache:subversion:1.10.0:alpha1
cpe:/a:apache:subversion:1.10.0:alpha2
cpe:/a:apache:subversion:1.10.0:alpha3
cpe:/a:apache:subversion:1.8.18
...
CWE (1)
CWE-20
OVAL (15)
oval:org.secpod.oval:def:42148
oval:org.secpod.oval:def:42147
oval:org.secpod.oval:def:41756
oval:org.secpod.oval:def:1800180
...

© SecPod Technologies