Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.AL2_ALAS-2020-1549.NASL
HistoryOct 27, 2020 - 12:00 a.m.

Amazon Linux 2 : mod_dav_svn (ALAS-2020-1549)

2020-10-2700:00:00
This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1549 advisory.

  • In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion’s svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server. (CVE-2018-11782)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
#                                  
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1549.
##

include('compat.inc');

if (description)
{
  script_id(141947);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/10/29");

  script_cve_id("CVE-2018-11782");
  script_xref(name:"ALAS", value:"2020-1549");

  script_name(english:"Amazon Linux 2 : mod_dav_svn (ALAS-2020-1549)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2 host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a
vulnerability as referenced in the ALAS2-2020-1549 advisory.

  - In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server
    process may exit when a well-formed read-only request produces a particular answer. This can lead to
    disruption for users of the server. (CVE-2018-11782)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2/ALAS-2020-1549.html");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2018-11782");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update subversion' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-11782");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/10/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod_dav_svn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-gnome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-javahl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-ruby");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

pkgs = [
    {'reference':'mod_dav_svn-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'mod_dav_svn-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'mod_dav_svn-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-debuginfo-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-debuginfo-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-debuginfo-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-devel-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-devel-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-devel-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-gnome-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-gnome-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-gnome-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-javahl-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-javahl-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-javahl-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-libs-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-libs-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-libs-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-perl-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-perl-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-perl-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-python-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-python-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-python-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-ruby-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-ruby-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-ruby-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},
    {'reference':'subversion-tools-1.7.14-16.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},
    {'reference':'subversion-tools-1.7.14-16.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},
    {'reference':'subversion-tools-1.7.14-16.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  cpu = NULL;
  el_string = NULL;
  rpm_spec_vers_cmp = NULL;
  allowmaj = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (reference && release) {
    if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_dav_svn / subversion / subversion-debuginfo / etc");
}
VendorProductVersionCPE
amazonlinuxmod_dav_svnp-cpe:/a:amazon:linux:mod_dav_svn
amazonlinuxsubversionp-cpe:/a:amazon:linux:subversion
amazonlinuxsubversion-debuginfop-cpe:/a:amazon:linux:subversion-debuginfo
amazonlinuxsubversion-develp-cpe:/a:amazon:linux:subversion-devel
amazonlinuxsubversion-gnomep-cpe:/a:amazon:linux:subversion-gnome
amazonlinuxsubversion-javahlp-cpe:/a:amazon:linux:subversion-javahl
amazonlinuxsubversion-libsp-cpe:/a:amazon:linux:subversion-libs
amazonlinuxsubversion-perlp-cpe:/a:amazon:linux:subversion-perl
amazonlinuxsubversion-pythonp-cpe:/a:amazon:linux:subversion-python
amazonlinuxsubversion-rubyp-cpe:/a:amazon:linux:subversion-ruby
Rows per page:
1-10 of 121

Related

nessus 25
centos 1
osv 6
oraclelinux 2
redhat 2
veracode 1
alpinelinux 1
debiancve 1
rocky 1
cve 1
ubuntucve 1
redhatcve 1
prion 1
amazon 2
almalinux 1
archlinux 1
ubuntu 3
openvas 5
mageia 1
debian 3
fedora 1
suse 1
cloudfoundry 1
photon 6
ics 1
ibm 1
nessus
nessus
NewStart CGSL CORE 5.05 / MAIN 5.05 : subversion Vulnerability (NS-SA-2021-0167)
2021-10-27 00:00:00
CentOS 7 : subversion (CESA-2020:3972)
2020-10-20 00:00:00
EulerOS 2.0 SP2 : subversion (EulerOS-SA-2021-1365)
2021-02-22 00:00:00
centos
centos
mod_dav_svn, subversion security update
2020-10-20 19:01:08
osv
osv
CVE-2018-11782
2019-09-26 16:15:00
Moderate: subversion:1.10 security update
2020-11-03 12:29:29
Moderate: subversion:1.10 security update
2020-11-03 12:29:29
oraclelinux
oraclelinux
subversion security update
2020-10-06 00:00:00
subversion:1.10 security update
2020-11-10 00:00:00
redhat
redhat
(RHSA-2020:3972) Moderate: subversion security update
2020-09-29 07:47:41
(RHSA-2020:4712) Moderate: subversion:1.10 security update
2020-11-03 12:29:29
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:39:03
alpinelinux
alpinelinux
CVE-2018-11782
2019-09-26 16:15:00
debiancve
debiancve
CVE-2018-11782
2019-09-26 16:15:00
rocky
rocky
subversion:1.10 security update
2020-11-03 12:29:29
cve
cve
CVE-2018-11782
2019-09-26 16:15:00
ubuntucve
ubuntucve
CVE-2018-11782
2019-07-31 00:00:00
redhatcve
redhatcve
CVE-2018-11782
2019-08-01 06:52:17
prion
prion
Design/Logic Flaw
2019-09-26 16:15:00
amazon
amazon
Medium: subversion
2020-10-22 18:43:00
Important: subversion
2019-11-04 18:16:00
almalinux
almalinux
Moderate: subversion:1.10 security update
2020-11-03 12:29:29
archlinux
archlinux
[ASA-201908-10] subversion: denial of service
2019-08-16 00:00:00
ubuntu
ubuntu
Subversion vulnerabilities
2019-07-31 00:00:00
Subversion vulnerabilities
2019-07-31 00:00:00
Subversion vulnerabilities
2022-05-26 00:00:00
openvas
openvas
Debian LTS: Security Advisory for subversion (DLA-1903-1)
2019-08-30 00:00:00
Fedora Update for subversion FEDORA-2019-f6bc68e455
2019-08-06 00:00:00
Debian Security Advisory DSA 4490-1 (subversion - security update)
2019-08-01 00:00:00
mageia
mageia
Updated subversion packages fix security vulnerabilities
2019-09-07 00:09:08
debian
debian
[SECURITY] [DLA 1903-1] subversion security update
2019-08-29 21:14:54
[SECURITY] [DSA 4490-1] subversion security update
2019-07-31 22:07:24
[SECURITY] [DSA 4490-1] subversion security update
2019-07-31 22:07:24
fedora
fedora
[SECURITY] Fedora 30 Update: subversion-1.12.2-1.fc30
2019-08-06 01:19:43
suse
suse
Security update for subversion (important)
2019-08-15 00:00:00
cloudfoundry
cloudfoundry
USN-5445-1: Subversion vulnerabilities | Cloud Foundry
2022-07-28 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2019-0254
2019-10-18 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0254
2019-10-18 00:00:00
Critical Photon OS Security Update - PHSA-2019-0035
2019-10-18 00:00:00
ics
ics
Yokogawa CENTUM and ProSafe-RS
2022-05-03 12:00:00
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities.
2022-07-19 21:43:48
JSON
Related for AL2_ALAS-2020-1549.NASL
nessus25centos1osv6oraclelinux2redhat2veracode1alpinelinux1debiancve1rocky1cve1ubuntucve1redhatcve1prion1amazon2almalinux1archlinux1ubuntu3openvas5mageia1debian3fedora1suse1cloudfoundry1photon6ics1ibm1