news 28 Posted March 9, 2009 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200903-20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebSVN: Multiple vulnerabilities Date: March 09, 2009 Bugs: #243852 ID: 200903-20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities in WebSVN allow for file overwrite and information disclosure. Background ========== WebSVN is a web-based browsing tool for Subversion repositories written in PHP. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/websvn < 2.1.0 >= 2.1.0 Description =========== * James Bercegay of GulfTech Security reported a Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl() function in index.php (CVE-2008-5918) and a directory traversal vulnerability in rss.php when magic_quotes_gpc is disabled (CVE-2008-5919). * Bas van Schaik reported that listing.php does not properly enforce access restrictions when using an SVN authz file to authenticate users (CVE-2009-0240). Impact ====== A remote attacker can exploit these vulnerabilities to overwrite arbitrary files, to read changelogs or diffs for restricted projects and to hijack a user's session. Workaround ========== There is no known workaround at this time. Resolution ========== All WebSVN users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/websvn-2.1.0" References ========== [ 1 ] CVE-2008-5918 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918 [ 2 ] CVE-2008-5919 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919 [ 3 ] CVE-2009-0240 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200903-20.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security ( -at -) gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 Share this post Link to post