CVE-2006-1564
EPSS 0.07%
Description
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
How to fix CVE-2006-1564
To remediate CVE-2006-1564, upgrade the affected package to a fixed version below.
- Debian/subversion—upgrade to 1.3.0-5 or later
Is CVE-2006-1564 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.0-5