Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libapache2-mod-svn" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libapache2-svn" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn-dev" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn-doc" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn-java" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn-perl" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn-ruby" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn-ruby1.8" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "libsvn1" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "python-subversion" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "python-subversion-dbg" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "ruby-svn" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "subversion" }, { "binary_version": "1.7.13-2ubuntu2", "binary_name": "subversion-tools" } ] }