[3.4] subversion: Arbitrary code execution on clients through malicious svn+ssh URLs (CVE-2017-9800)
ID: oval:org.secpod.oval:def:1800051 | Date: (C)2018-03-28 (M)2023-11-10 |
Class: PATCH | Family: unix |
A Subversion client sometimes connects to URLs provided by the repository. This happens in two primary cases: during "checkout", "export", "update", and "switch", when the tree being downloaded contains svn:externals properties; and when using "svnsync sync" with one URL argument. A maliciously constructed svn+ssh:// URL would cause Subversion clients to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to an honest server, or by a proxy server. The vulnerability affects all clients, including those that use file:// and plain svn://.
Fixed In Version: subversion 1.8.18, subversion 1.9.7
Platform: |
Alpine Linux 3.4 |