CVE-2006-1564

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*

History

21 Nov 2024, 00:09

Type Values Removed Values Added
References () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359234 - Exploit, Patch () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359234 - Exploit, Patch
References () http://www.securityfocus.com/bid/17288 - Patch () http://www.securityfocus.com/bid/17288 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25680 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25680 -

Information

Published : 2006-03-31 11:06

Updated : 2024-11-21 00:09


NVD link : CVE-2006-1564

Mitre link : CVE-2006-1564

CVE.ORG link : CVE-2006-1564


JSON object : View

Products Affected

debian

  • debian_linux