Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Subscribe

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

IT Jobs and Computer Security

SEO SEM

Security Vulnerability

Vigil@nce - Apache Subversion: information disclosure via MD5 Cache

August 2014 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

A local attacker can trigger a MD5 collision in the cache of Apache Subversion, in order to obtain sensitive information.

Impacted products: Subversion, openSUSE, Ubuntu

Severity: 1/4

Creation date: 26/08/2014

DESCRIPTION OF THE VULNERABILITY

The Apache Subversion caches user’s credentials. These credentials are stored in a tree indexed by the result of a MD5 hash.

However, an attacker may trigger a MD5 collision, in order to obtain data belonging to another user.

A local attacker can therefore trigger a MD5 collision in the cache of Apache Subversion, in order to obtain sensitive information.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/A...




See previous articles

    

See next articles

Les événements

29 novembre Paris - Sailpoint organise une Journée Gestion des Identités et des Données

    

Voir tous les évènements





















Security Vulnerability

All our news in english

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts

 
News Files Cyber Security Security Vulnerability Malware Update Diary Guide & Podcast Jobs TRAINING Contact About Mentions légales S'identifier ADMIN

Global Security Mag Copyright 2011