Wind River Support Network

HomeDefectsLIN6-4872

Fixed

LIN6-4872 : Security Advisory - apache subversion - CVE-2013-4277

Created: Oct 16, 2013 Updated: Dec 3, 2018

Resolved Date: May 8, 2014

Previous ID: LIN3-13575

Found In Version: 6.0

Fix Version: 6.0.0.7

Severity: Low

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38