CVE-2008-5919
Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter.
| Software | From | Fixed in |
|---|---|---|
| tigris / websvn | 1.20 | 1.20.x |
| tigris / websvn | 1.34 | 1.34.x |
| tigris / websvn | 1.02 | 1.02.x |
| tigris / websvn | 1.03 | 1.03.x |
| tigris / websvn | 1.37 | 1.37.x |
| tigris / websvn | 1.51 | 1.51.x |
| tigris / websvn | 1.39 | 1.39.x |
| tigris / websvn | 1.10 | 1.10.x |
| tigris / websvn | 1.32 | 1.32.x |
| tigris / websvn | 1.60 | 1.60.x |
| tigris / websvn | 1.00 | 1.00.x |
| tigris / websvn | - | 2.0.x |
| tigris / websvn | 1.38 | 1.38.x |
| tigris / websvn | 1.01 | 1.01.x |
| tigris / websvn | 1.40 | 1.40.x |
| tigris / websvn | 1.62 | 1.62.x |
| tigris / websvn | 1.31a | 1.31a.x |
| tigris / websvn | 1.04 | 1.04.x |
| tigris / websvn | 1.61 | 1.61.x |
| tigris / websvn | 1.33 | 1.33.x |
- http://secunia.com/advisories/32338
- http://secunia.com/advisories/34191
- http://securityreason.com/securityalert/4928
- http://websvn.tigris.org/issues/show_bug.cgi?id=179
- http://websvn.tigris.org/servlets/NewsItemView?newsItemID=2218
- http://www.gentoo.org/security/en/glsa/glsa-200903-20.xml
- http://www.gulftech.org/?node=research&article_id=00132-10202008
- http://www.securityfocus.com/bid/31891
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46050
- https://www.exploit-db.com/exploits/6822
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime