• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Subversion Remote Revision Property Information Disclosure Vulnerability

Subversion is prone to a remote information-disclosure vulnerability because the application fails to properly enforce security restrictions during certain remote SVN operations.

Successfully exploiting this issue potentially allows remote attackers to access sensitive information contained in revision properties, such as log messages. This may aid in further attacks.

Versions prior to Subversion 1.4.4 are vulnerable to this issue.