Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:APACHE:SUBVER-URL-CE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Apache Subversion URL Command Execution
Release Date	2017/08/31
Update Number	2985
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Apache Subversion URL Command Execution

A command execution vulnerability exists in Apache Subversion. A remote attacker could exploit this vulnerability by enticing a user to checkout a malicious repository. Successful exploitation will allow the attacker to execute arbitrary commands under the security context of the current user.

Extended Description

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.

Affected Products

Apache subversion 1.10.0
Apache subversion 1.8.18
Apache subversion 1.9.0
Apache subversion 1.9.1
Apache subversion 1.9.2
Apache subversion 1.9.3
Apache subversion 1.9.4
Apache subversion 1.9.5
Apache subversion 1.9.6

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Apache Subversion URL Command Execution

Extended Description

Affected Products

References