Command execution in Apache Subversion

Published: 2017-08-10 00:00:00 | Updated: 2017-08-15 16:02:21
Severity High
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2017-9800
CVSSv3 8.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-78
Exploitation vector Network
Public exploit Not available
Vulnerable software Subversion
Vulnerable software versions Subversion 1.8.x up to and including 1.8.18
Subversion 1.9.x up to and including 1.9.6 (older, unsupported branches are affected as well)
Vendor URL Apache Foundation

Security Advisory

1) OS command injection

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the machine running the Subversion client.

The weakness is a command injection flaw in the client's 'svn+ssh://' tunnel handling: the user and host portions of the URL are passed to the ssh tunnel agent's command line without validation, so a name beginning with '-' is interpreted by ssh as a command-line option rather than as a host. A remote attacker who controls a repository the victim works with (for example through an svn:externals definition) or a proxy between client and server can return a specially crafted 'svn+ssh://' URL that the client follows during 'checkout', 'export', 'update', and 'switch' operations, and thereby execute arbitrary shell commands with the privileges of the user running the svn client.

Successful exploitation of the vulnerability may result in system compromise. The commands run on the client side, so a patched server does not protect unpatched clients.
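The following is an added example written for this advisory, not Subversion's own code. It models how an svn tunnel agent turns an 'svn+ssh://' URL into an ssh argv, shows the pre-fix behaviour in which an attacker-chosen host field lands directly in that argv, and applies the hardening taken by the fixed releases (refuse a user or host that begins with '-'), plus a small audit of an svn:externals property value. Function names, the tunnel argv layout, and the sample URLs are assumptions for illustration.

```python
"""
Added example for CVE-2017-9800 (not Subversion's own code): how an
svn+ssh:// URL becomes an ssh argv, why an attacker-controlled host field
is dangerous, and the hardening the fixed releases apply.
"""
from urllib.parse import unquote, urlsplit


class UnsafeTunnelUrl(ValueError):
    """A URL field could be read by the tunnel agent as an option, not a name."""


def parse_svn_ssh(url):
    """Return (user, host, port, path) for an svn+ssh:// URL.

    The authority is split by hand rather than via urlsplit().hostname so the
    host keeps its exact spelling (urlsplit() lower-cases it).
    """
    parts = urlsplit(url)
    if parts.scheme != "svn+ssh":
        raise ValueError("expected an svn+ssh:// URL, got %r" % url)
    user, authority = None, parts.netloc
    if "@" in authority:
        user, authority = authority.rsplit("@", 1)
    host, port = authority, None
    head, sep, tail = authority.rpartition(":")
    if sep and tail.isdigit():
        host, port = head, int(tail)
    if not host:
        raise ValueError("svn+ssh:// URL has no host: %r" % url)
    return (unquote(user) if user is not None else None, unquote(host),
            port, parts.path)


def build_ssh_argv_naive(url, tunnel_cmd=("ssh", "-q")):
    """Pre-fix behaviour (assumed layout): user and host are appended to the
    tunnel command verbatim, so a host such as '-oProxyCommand=...' is parsed
    by ssh as an option and the command it names runs on the client."""
    user, host, port, _ = parse_svn_ssh(url)
    argv = list(tunnel_cmd)
    if user is not None:
        argv += ["-l", user]
    if port is not None:
        argv += ["-p", str(port)]
    return argv + [host, "svnserve", "-t"]


def build_ssh_argv_hardened(url, tunnel_cmd=("ssh", "-q")):
    """Fixed behaviour: refuse names that begin with '-' (no valid host name
    does), and end option parsing with '--' before the host as a second line
    of defence. '--' is honoured by OpenSSH's getopt(3)-based parser; whether
    another tunnel agent accepts it is an assumption to verify."""
    user, host, port, _ = parse_svn_ssh(url)
    for label, value in (("user", user), ("host", host)):
        if value is not None and value.startswith("-"):
            raise UnsafeTunnelUrl("tunnel %s %r begins with '-'" % (label, value))
    argv = list(tunnel_cmd)
    if user is not None:
        argv += ["-l", user]
    if port is not None:
        argv += ["-p", str(port)]
    return argv + ["--", host, "svnserve", "-t"]


def audit_externals(externals_text):
    """Scan an svn:externals property value for svn+ssh:// URLs that the
    hardened builder would reject. Returns [(line_number, url, reason)]."""
    findings = []
    for lineno, line in enumerate(externals_text.splitlines(), 1):
        for token in line.split():
            if not token.startswith("svn+ssh://"):
                continue
            try:
                build_ssh_argv_hardened(token)
            except ValueError as exc:          # UnsafeTunnelUrl is a ValueError
                findings.append((lineno, token, str(exc)))
    return findings


# Constructed sample inputs (not taken from any real repository).
BENIGN_URL = "svn+ssh://alice@svn.example.org:2222/repos/trunk"
CRAFTED_URL = "svn+ssh://-oProxyCommand=id/repos/trunk"
EXTERNALS = """\
^/vendor/libfoo@1234 vendor/libfoo
svn+ssh://svn.example.org/repos/tools tools
svn+ssh://-oProxyCommand=id/repos/evil deps/evil
"""

if __name__ == "__main__":
    print("naive argv for crafted URL:", build_ssh_argv_naive(CRAFTED_URL))
    print("hardened argv for benign URL:", build_ssh_argv_hardened(BENIGN_URL))
    try:
        build_ssh_argv_hardened(CRAFTED_URL)
    except UnsafeTunnelUrl as exc:
        print("hardened builder refused crafted URL:", exc)
    for lineno, url, reason in audit_externals(EXTERNALS):
        print("svn:externals line %d: %s (%s)" % (lineno, url, reason))
```

Run with `python3` to see the naive argv place `-oProxyCommand=id` where ssh expects its first option, while the hardened builder raises before any process is spawned. The audit function is the check to run over `svn propget -R svn:externals` output of repositories you pull from, since svn:externals is one channel through which a repository can hand a crafted URL to clients.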

Remediation

Update the Subversion client to version 1.8.19 or 1.9.7. These releases refuse an 'svn+ssh://' URL whose host or user name begins with '-'. Because the injected commands run on the client, every machine that uses svn+ssh:// URLs needs the update; patching the server alone does not help.

External links

http://subversion.apache.org/security/CVE-2017-9800-advisory.txt
