CVE-2016-2167

6.8MEDIUM

Key Information:

Vendor
Apache
Status
Subversion
Vendor
CVE Published:
5 May 2016

Summary

The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.

References

http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/89417
vdb-entryx_refsource_BID
http://mail-archives.apache.org/mod_mbox/subversion-annou...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.