• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Subversion for Windows Remote Directory Traversal Vulnerability

Subversion is prone to a remote directory-traversal vulnerability because the application fails to properly sanitize user-supplied input.

Successfully exploiting this issue allows attackers to write arbitrary data to arbitrary locations on unsuspecting users' computers.

This issue affects Subversion running on Microsoft Windows and on any other platform where directory-separator characters are '\' or characters other than '/'.

Versions prior to Subversion 1.4.5 are vulnerable.