CVE-2015-3184 Information
Share on:
Feb 14, 2021
cve
Description
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14 when using Apache httpd 2.4.x does not properly restrict anonymous access which allows remote anonymous users to read hidden files via the path name.
Reference
http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00022.html http://rhn.redhat.com/errata/RHSA-2015-1742.html http://subversion.apache.org/security/CVE-2015-3184-advisory.txt http://www.debian.org/security/2015/dsa-3331 http://www.securityfocus.com/bid/76274 http://www.securitytracker.com/id/1033215 http://www.ubuntu.com/usn/USN-2721-1 https://security.gentoo.org/glsa/201610-05 https://support.apple.com/HT206172