CVE-2016-2167
Public on 2016-05-05
Modified on 2016-06-03
Description
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | mod_dav_svn | 2016-06-02 | ALAS-2016-710 | Fixed |
| Amazon Linux 1 | subversion | 2016-06-02 | ALAS-2016-709 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv2 | 3.6 | AV:N/AC:H/Au:S/C:P/I:P/A:N |
| NVD | CVSSv3 | 6.8 | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N |
| NVD | CVSSv2 | 4.9 | AV:N/AC:M/Au:S/C:P/I:P/A:N |