Tortoise SVN latest vulnerable to Windows DLL hijacking

From: Nikhil Mittal <nikhil_uitrgpv_at_yahoo.co.in>
Date: Mon, 30 Aug 2010 22:13:18 +0530 (IST)

Hi There,

TortoiseSVN 1.6.10, Build 19898 ( latest available on tigris.org) is vulnerable to Windows DLL Hijacking vulnerability.
http://www.microsoft.com/technet/security/advisory/2269637.mspx

I am able to gain a command shell with current user privileges using metasploit. This is to notify you please. Request your consent to make it public.

Regards,

Nikhil Mittal

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-08-30 18:44:48 CEST

This message: [ Message body ]
Next message: Andy Levy: "Re: Tortoise SVN latest vulnerable to Windows DLL hijacking"
Previous message: andy: "tortoiseproc checkout path modified"
Next in thread: Andy Levy: "Re: Tortoise SVN latest vulnerable to Windows DLL hijacking"
Reply: Andy Levy: "Re: Tortoise SVN latest vulnerable to Windows DLL hijacking"
Maybe reply: Nikhil Mittal: "Fw: Tortoise SVN latest vulnerable to Windows DLL hijacking"
Reply: Stefan Küng: "Re: Tortoise SVN latest vulnerable to Windows DLL hijacking"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]