CVE-2009-0240

N/A Unknown

Published: January 21, 2009 Modified: April 23, 2026

Description

listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512191

Source: cve@mitre.org

http://secunia.com/advisories/32338

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/33945

Source: cve@mitre.org

http://secunia.com/advisories/34191

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1725

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200903-20.xml

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2009/01/18/2

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/48171

Source: cve@mitre.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512191