Lucene search
Tenable9395.PRMHistoryFeb 05, 2016 - 12:00 a.m.
Apache Subversion 1.8.x < 1.8.16 / 1.9.x < 1.9.4 Multiple Vulnerabilities
2016-02-0500:00:00
Tenable
www.tenable.com
12
The version of Apache Subversion installed on the remote host is version 1.8.x prior to 1.8.16 or 1.9.x prior to 1.9.4. It is, therefore, affected by the following vulnerabilities :
- A flaw exists within ‘svnserve/sasl’ that is triggered when handling a realm string which is a prefix of the expected realm string, which can cause an authenticated remote attacker to incorrectly authenticate into the wrong realm. This may allow the attacker to gain access to areas they would otherwise be restricted from. (CVE-2016-2167)
- A flaw exists within ‘mod_authz_svn’ that is triggered as authorization checks are not properly performed on ‘COPY’ and ‘MOVE’ actions. This may allow a remote attacker to use a specially crafted header to crash the server. (CVE-2016-2168)
- A ‘NULL pointer’ dereference flaw exists within the ‘mod_authz_svn’ module that is triggered when handling invalid headers for COPY and MOVE requests. This may allow a remote attacker to cause a Subversion server to crash. (CVE-2016-2168)
Binary data 9395.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | subversion | cpe:/a:apache:subversion |
Related
nessus
nessus
Photon OS 1.0: Subversion PHSA-2016-0013
2019-02-07 00:00:00
Slackware 14.0 / 14.1 / current : subversion (SSA:2016-121-01)
2016-05-02 00:00:00
openSUSE Security Update : subversion (openSUSE-2016-571)
2016-05-09 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: subversion-1.9.4-1.fc24
2016-05-10 11:50:37
[SECURITY] Fedora 23 Update: subversion-1.9.4-1.fc23
2016-05-12 07:32:42
osv
osv
subversion - security update
2016-05-01 00:00:00
subversion - security update
2016-04-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 3561-1 (subversion - security update)
2016-04-29 00:00:00
Fedora Update for subversion FEDORA-2016-20
2016-05-11 00:00:00
Debian: Security Advisory (DLA-448-1)
2023-03-08 00:00:00
kaspersky
kaspersky
KLA10808 Multiple vulnerabilities in Apache Subversion
2016-05-05 00:00:00
debian
debian
[SECURITY] [DLA 448-1] subversion security update
2016-05-01 02:27:12
[SECURITY] [DSA 3561-1] subversion security update
2016-04-29 13:04:37
[SECURITY] [DSA 3561-1] subversion security update
2016-04-29 13:04:16
archlinux
archlinux
subversion: multiple issues
2016-06-08 00:00:00
amazon
amazon
Medium: subversion
2016-06-02 18:08:00
Medium: mod_dav_svn
2016-06-02 18:09:00
freebsd
freebsd
subversion -- multiple vulnerabilities
2016-04-21 00:00:00
mageia
mageia
Updated subversion packages fix security vulnerabilities
2016-05-05 12:05:33
slackware
slackware
[slackware-security] subversion
2016-04-30 20:34:18
ubuntu
ubuntu
Subversion vulnerabilities
2017-10-24 00:00:00
Subversion vulnerabilities
2017-08-11 00:00:00
prion
prion
Null pointer dereference
2016-05-05 18:59:00
Design/Logic Flaw
2016-05-05 18:59:00
debiancve
debiancve
CVE-2016-2167
2016-05-05 18:59:00
CVE-2016-2168
2016-05-05 18:59:00
cvelist
cvelist
CVE-2016-2167
2016-05-05 18:00:00
CVE-2016-2168
2016-05-05 18:00:00
ubuntucve
ubuntucve
CVE-2016-2168
2016-05-05 00:00:00
CVE-2016-2167
2016-05-05 00:00:00
cve
cve
CVE-2016-2168
2016-05-05 18:59:00
CVE-2016-2167
2016-05-05 18:59:00
photon
photon
cloudfoundry
cloudfoundry
USN-3388-1: Subversion vulnerabilities | Cloud Foundry
2017-08-17 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1979
2021-07-02 18:11:52
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00
Related for 9395.PRM