CVE-2006-1564
published 2006-03-31CVE-2006-1564: Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1)…
medium4.6CVSS 3.1
AVLACLAuNCPIPAP
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | subversion | >= 0 < 1.3.0-5 | 1.3.0-5 |
| apache | subversion | >= 0 < 1.3.0-5 | 1.3.0-5 |
| apache | subversion | >= 0 < 1.3.0-5 | 1.3.0-5 |
| apache | subversion | >= 0 < 1.3.0-5 | 1.3.0-5 |
| debian | debian_linux | — | — |
| debian | subversion | < subversion 1.3.0-5 (bookworm) | subversion 1.3.0-5 (bookworm) |
CVSS provenance
nvd4.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM