5

CVE-2004-0749

EPSS 0.62%
Published 23.12.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Subversion ≫ Subversion Version1.0

Subversion ≫ Subversion Version1.0.1

Subversion ≫ Subversion Version1.0.2

Subversion ≫ Subversion Version1.0.3

Subversion ≫ Subversion Version1.0.4

Subversion ≫ Subversion Version1.0.5

Subversion ≫ Subversion Version1.0.6

Subversion ≫ Subversion Version1.0.7

Subversion ≫ Subversion Version1.1.0_rc1

Subversion ≫ Subversion Version1.1.0_rc2

Subversion ≫ Subversion Version1.1.0_rc3

Gentoo ≫ Linux Version0.5

Gentoo ≫ Linux Version0.7

Gentoo ≫ Linux Version1.1a

Gentoo ≫ Linux Version1.2

Gentoo ≫ Linux Version1.4

Gentoo ≫ Linux Version1.4 Updaterc1

Gentoo ≫ Linux Version1.4 Updaterc2

Gentoo ≫ Linux Version1.4 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.62%	0.675

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://fedoranews.org/updates/FEDORA-2004-318.shtml

http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt

Patch

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml

Patch

Vendor Advisory

http://www.securityfocus.com/bid/11243

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/17472

https://nvd.nist.gov/vuln/detail/CVE-2004-0749

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0749

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0749

EUVD