CVE-2017-9800

CVE	CVE-2017-9800
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2017-08-11 21:29:00 UTC
Updated	2023-11-07 02:50:00 UTC
Description	A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.

Problem Types: CWE-20

Type	Vendor	Product	Version	Update	Edition	Language
Application	Apache	Subversion	1.10.0	All	All	All
Application	Apache	Subversion	1.10.0	alpha1	All	All
Application	Apache	Subversion	1.10.0	alpha2	All	All
Application	Apache	Subversion	1.10.0	alpha3	All	All
Application	Apache	Subversion	1.9.0	All	All	All
Application	Apache	Subversion	1.9.1	All	All	All
Application	Apache	Subversion	1.9.2	All	All	All
Application	Apache	Subversion	1.9.3	All	All	All
Application	Apache	Subversion	1.9.4	All	All	All
Application	Apache	Subversion	1.9.5	All	All	All
Application	Apache	Subversion	1.9.6	All	All	All
Application	Apache	Subversion	1.10.0	All	All	All
Application	Apache	Subversion	1.10.0	alpha1	All	All
Application	Apache	Subversion	1.10.0	alpha2	All	All
Application	Apache	Subversion	1.10.0	alpha3	All	All
Application	Apache	Subversion	1.9.0	All	All	All
Application	Apache	Subversion	1.9.1	All	All	All
Application	Apache	Subversion	1.9.2	All	All	All
Application	Apache	Subversion	1.9.3	All	All	All
Application	Apache	Subversion	1.9.4	All	All	All
Application	Apache	Subversion	1.9.5	All	All	All
Application	Apache	Subversion	1.9.6	All	All	All
Application	Apache	Subversion	All	All	All	All

Reference	Source	Link	Tags
Pony Mail!		lists.apache.org
Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
SourceTree Security Advisory 2017-08-11 - Atlassian Documentation	CONFIRM	confluence.atlassian.com
Pony Mail!	MLIST	lists.apache.org	Mailing List, Release Notes, Vendor Advisory
Apache Subversion Arbitrary Code Execution ≈ Packet Storm	MISC	packetstormsecurity.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
Oracle Critical Patch Update Advisory - October 2020	MISC	www.oracle.com
Apache Subversion 'svn+ssh://' URL Processing Flaw Lets Remote Users Execute Arbitrary Commands on the Target System - SecurityTracker	SECTRACK	www.securitytracker.com	Third Party Advisory, VDB Entry
Pony Mail!	MLIST	lists.apache.org
About the security content of Xcode 9 - Apple Support	CONFIRM	support.apple.com
Red Hat Customer Portal	REDHAT	access.redhat.com
Subversion: Arbitrary code execution (GLSA 201709-09) — Gentoo security	GENTOO	security.gentoo.org
Debian -- Security Information -- DSA-3932-1 subversion	DEBIAN	www.debian.org
subversion.apache.org/security/CVE-2017-9800-advisory.txt	CONFIRM	subversion.apache.org	Vendor Advisory
Pony Mail!		lists.apache.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

500673 Alpine Linux Security Update for subversion
504447 Alpine Linux Security Update for subversion
690554 Free Berkeley Software Distribution (FreeBSD) Security Update for subversion (6e80bd9b-7e9b-11e7-abfe-90e2baa3bafc)
710440 Gentoo Linux Subversion Arbitrary code execution Vulnerability (GLSA 201709-09)