Safeguarding the past, present and future of RISC OS for everyone
Account
News | Downloads | Bugs | Bounties | Forums | Library

Previous|Next

  • Tickets
  • » Ticket #91

Ticket #91 (Fixed)Sat Nov 11 19:14:07 UTC 2006

Security hole through CVSHistory

Reported by: Andrew Hodgkinson (6) Severity: Critical
Part: Web site: RCVSweb and CVSweb (CVS browsing) Release:
Milestone: Status Fixed

Details by Andrew Hodgkinson (6):

Directly fetching CVSHistory pages shows that while the CVSROOT directory cannot be enumerated, individual files within it can; log information, history and contents can be viewed.

Changelog:

Modified by Andrew Hodgkinson (6) Fri, December 01 2006 - 12:06:51 GMT

  • Status changed from Open to Fixed

Fixed in Changeset #151.

  • Comment on, or change status of, this ticket

Previous|Next

Search tickets

Social

Follow us on and

ROOL Store

Buy RISC OS Open merchandise here, including SD cards for Raspberry Pi and more.

Donate! Why?

Help ROOL make things happen – please consider donating!

RISC OS IPR

RISC OS is an Open Source operating system owned by RISC OS Developments Ltd and licensed primarily under the Apache 2.0 license.

Options

  • Tickets
  • New ticket
  • Milestones
  • Subversion: Changesets
  • Subversion: Browse
  • CVS: Revisions
  • CVS: Browse
  • Search

RSS feeds Rss

  • Tickets
  • Everything!
  • More feeds...
Contact Us  |  About Us

The RISC OS Open Collaboa theme is distantly based on the Collaboa default layout
Site design © RISC OS Open Limited 2024 except where indicated

Hosted by Arachsys

Powered by Collaboa
This site runs on Rails