Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.ALA_ALAS-2014-318.NASL
HistoryMar 28, 2014 - 12:00 a.m.

Amazon Linux AMI : subversion (ALAS-2014-318)

2014-03-2800:00:00
This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
www.tenable.com
15

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.135 Low

EPSS

Percentile

95.6%

JSON

A flaw was found in the way the mod_dav_svn module handled OPTIONS requests. A remote attacker with read access to an SVN repository served via HTTP could use this flaw to cause the httpd process that handled such a request to crash.

The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the ‘svn ls http://svn.example.com’ command.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2014-318.
#

include("compat.inc");

if (description)
{
  script_id(73237);
  script_version("1.5");
  script_cvs_date("Date: 2018/04/18 15:09:35");

  script_cve_id("CVE-2014-0032");
  script_xref(name:"ALAS", value:"2014-318");

  script_name(english:"Amazon Linux AMI : subversion (ALAS-2014-318)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was found in the way the mod_dav_svn module handled OPTIONS
requests. A remote attacker with read access to an SVN repository
served via HTTP could use this flaw to cause the httpd process that
handled such a request to crash.

The get_resource function in repos.c in the mod_dav_svn module in
Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when
SVNListParentPath is enabled, allows remote attackers to cause a
denial of service (crash) via vectors related to the server root and
request methods other than GET, as demonstrated by the 'svn ls
http://svn.example.com' command."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2014-318.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update subversion' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod_dav_svn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-javahl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-ruby");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"mod_dav_svn-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-debuginfo-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-devel-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-javahl-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-libs-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-perl-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-python-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-ruby-1.8.8-1.42.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-tools-1.8.8-1.42.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_dav_svn / subversion / subversion-debuginfo / subversion-devel / etc");
}
VendorProductVersionCPE
amazonlinuxmod_dav_svnp-cpe:/a:amazon:linux:mod_dav_svn
amazonlinuxsubversionp-cpe:/a:amazon:linux:subversion
amazonlinuxsubversion-debuginfop-cpe:/a:amazon:linux:subversion-debuginfo
amazonlinuxsubversion-develp-cpe:/a:amazon:linux:subversion-devel
amazonlinuxsubversion-javahlp-cpe:/a:amazon:linux:subversion-javahl
amazonlinuxsubversion-libsp-cpe:/a:amazon:linux:subversion-libs
amazonlinuxsubversion-perlp-cpe:/a:amazon:linux:subversion-perl
amazonlinuxsubversion-pythonp-cpe:/a:amazon:linux:subversion-python
amazonlinuxsubversion-rubyp-cpe:/a:amazon:linux:subversion-ruby
amazonlinuxsubversion-toolsp-cpe:/a:amazon:linux:subversion-tools
Rows per page:
1-10 of 111

Related

nessus 17
openvas 17
fedora 2
mageia 2
prion 1
freebsd 1
veracode 1
cvelist 1
kaspersky 1
amazon 1
ubuntucve 1
cve 1
debiancve 1
nvd 1
slackware 1
securityvulns 4
oraclelinux 1
centos 1
ubuntu 1
redhat 1
osv 1
debian 1
gentoo 1
nessus
nessus
Fedora 20 : subversion-1.8.8-1.fc20 (2014-3365)
2014-03-17 00:00:00
openSUSE Security Update : subversion (openSUSE-SU-2014:0307-1)
2014-06-13 00:00:00
openSUSE Security Update : subversion (openSUSE-SU-2014:0334-1)
2014-06-13 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-318)
2015-09-08 00:00:00
Fedora Update for subversion FEDORA-2014-3365
2014-03-17 00:00:00
Fedora Update for subversion FEDORA-2014-3567
2014-03-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: subversion-1.7.16-1.fc19
2014-03-15 15:19:30
[SECURITY] Fedora 20 Update: subversion-1.8.8-1.fc20
2014-03-15 15:17:32
mageia
mageia
Updated subversion packages fix CVE-2014-0032
2014-02-28 02:00:06
Updated subversion packages fix CVE-2014-0032
2014-02-28 01:58:42
prion
prion
Command injection
2014-02-14 15:55:00
freebsd
freebsd
subversion -- mod_dav_svn vulnerability
2014-01-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:21:19
cvelist
cvelist
CVE-2014-0032
2014-02-14 15:00:00
kaspersky
kaspersky
KLA10071 DoS vulnerability in Apache Subversion
2014-08-07 00:00:00
amazon
amazon
Medium: subversion
2014-03-25 12:14:00
ubuntucve
ubuntucve
CVE-2014-0032
2014-02-14 00:00:00
cve
cve
CVE-2014-0032
2014-02-14 15:55:05
debiancve
debiancve
CVE-2014-0032
2014-02-14 15:55:05
nvd
nvd
CVE-2014-0032
2014-02-14 15:55:05
slackware
slackware
[slackware-security] subversion
2014-02-27 21:06:12
securityvulns
securityvulns
[slackware-security] subversion (SSA:2014-058-01)
2014-03-02 00:00:00
Apache Subversion multiple security vulnerabilities
2014-08-26 00:00:00
[USN-2316-1] Subversion vulnerabilities
2014-08-26 00:00:00
oraclelinux
oraclelinux
subversion security update
2014-03-05 00:00:00
centos
centos
mod_dav_svn, subversion security update
2014-03-06 11:19:14
ubuntu
ubuntu
Subversion vulnerabilities
2014-08-14 00:00:00
redhat
redhat
(RHSA-2014:0255) Moderate: subversion security update
2014-03-05 00:00:00
osv
osv
subversion - security update
2015-04-24 00:00:00
debian
debian
[SECURITY] [DLA 207-1] subversion security update
2015-04-24 09:40:22
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.135 Low

EPSS

Percentile

95.6%

JSON
Related for ALA_ALAS-2014-318.NASL
nessus17openvas17fedora2mageia2prion1freebsd1veracode1cvelist1kaspersky1amazon1ubuntucve1cve1debiancve1nvd1slackware1securityvulns4oraclelinux1centos1ubuntu1redhat1osv1debian1gentoo1