|The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.|
Apache Subversion: information disclosure via MD5 Cache
Synthesis of the vulnerability
A local attacker can trigger a MD5 collision in the cache of Apache Subversion, in order to obtain sensitive information.
Impacted products: Subversion, openSUSE, Solaris, RHEL, Ubuntu.
Severity of this bulletin: 1/4.
Consequences of an intrusion: data reading.
Hacker's origin: user shell.
Creation date: 26/08/2014.
Références of this threat: bulletinoct2015, CVE-2014-3528, MDVSA-2014:161, MDVSA-2015:085, openSUSE-SU-2014:1059-1, RHSA-2015:0165-01, RHSA-2015:0166-01, USN-2316-1, VIGILANCE-VUL-15231.
Description of the vulnerability
The Apache Subversion caches user's credentials. These credentials are stored in a tree indexed by the result of a MD5 hash.
However, an attacker may trigger a MD5 collision, in order to obtain data belonging to another user.
A local attacker can therefore trigger a MD5 collision in the cache of Apache Subversion, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)
Computer vulnerabilities tracking service
Vigil@nce provides a computer vulnerability workaround. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.