FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

subversion date parsing vulnerability

Affected packages
subversion < 1.0.2_1


VuXML ID 5d36ef32-a9cf-11d8-9c6d-0020ed76ef5a
Discovery 2004-05-19
Entry 2004-05-19

Stefan Esser reports:

Subversion versions up to 1.0.2 are vulnerable to a date parsing vulnerability which can be abused to allow remote code execution on Subversion servers and therefore could lead to a repository compromise.

NOTE: This vulnerability is similar to the date parsing issue that affected neon. However, it is a different and distinct bug.


CVE Name CVE-2004-0397