Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.ALA_ALAS-2015-555.NASL
HistoryJun 25, 2015 - 12:00 a.m.

Amazon Linux AMI : mod_dav_svn / subversion (ALAS-2015-555)

2015-06-2500:00:00
This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
www.tenable.com
8
JSON

A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled certain requests for URIs that trigger a lookup of a virtual transaction name. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash. (CVE-2014-8108)

A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled REPORT requests. A remote, unauthenticated attacker could use a specially crafted REPORT request to crash mod_dav_svn.
(CVE-2014-3580)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2015-555.
#

include("compat.inc");

if (description)
{
  script_id(84372);
  script_version("2.2");
  script_cvs_date("Date: 2018/04/18 15:09:35");

  script_cve_id("CVE-2014-3580", "CVE-2014-8108");
  script_xref(name:"ALAS", value:"2015-555");

  script_name(english:"Amazon Linux AMI : mod_dav_svn / subversion (ALAS-2015-555)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A NULL pointer dereference flaw was found in the way the mod_dav_svn
module handled certain requests for URIs that trigger a lookup of a
virtual transaction name. A remote, unauthenticated attacker could
send a request for a virtual transaction name that does not exist,
causing mod_dav_svn to crash. (CVE-2014-8108)

A NULL pointer dereference flaw was found in the way the mod_dav_svn
module handled REPORT requests. A remote, unauthenticated attacker
could use a specially crafted REPORT request to crash mod_dav_svn.
(CVE-2014-3580)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2015-555.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update subversion' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod24_dav_svn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod_dav_svn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-javahl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-python26");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-python27");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-ruby");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:subversion-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/06/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"mod24_dav_svn-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mod_dav_svn-1.8.11-1.49.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mod_dav_svn-debuginfo-1.8.11-1.49.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-debuginfo-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-devel-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-javahl-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-libs-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-perl-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-python26-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-python27-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-ruby-1.8.11-1.50.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"subversion-tools-1.8.11-1.50.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod24_dav_svn / mod_dav_svn / mod_dav_svn-debuginfo / subversion / etc");
}
VendorProductVersionCPE
amazonlinuxmod24_dav_svnp-cpe:/a:amazon:linux:mod24_dav_svn
amazonlinuxmod_dav_svnp-cpe:/a:amazon:linux:mod_dav_svn
amazonlinuxmod_dav_svn-debuginfop-cpe:/a:amazon:linux:mod_dav_svn-debuginfo
amazonlinuxsubversionp-cpe:/a:amazon:linux:subversion
amazonlinuxsubversion-debuginfop-cpe:/a:amazon:linux:subversion-debuginfo
amazonlinuxsubversion-develp-cpe:/a:amazon:linux:subversion-devel
amazonlinuxsubversion-javahlp-cpe:/a:amazon:linux:subversion-javahl
amazonlinuxsubversion-libsp-cpe:/a:amazon:linux:subversion-libs
amazonlinuxsubversion-perlp-cpe:/a:amazon:linux:subversion-perl
amazonlinuxsubversion-python26p-cpe:/a:amazon:linux:subversion-python26
Rows per page:
1-10 of 141

Related

nessus 20
securityvulns 4
openvas 16
freebsd 1
fedora 2
amazon 1
archlinux 1
mageia 1
centos 2
oraclelinux 2
redhat 2
cve 2
debiancve 2
prion 2
ubuntucve 2
cvelist 2
debian 2
osv 1
ubuntu 1
veracode 1
suse 1
nessus
nessus
Mandriva Linux Security Advisory : subversion (MDVSA-2015:005)
2015-01-06 00:00:00
openSUSE Security Update : subversion (openSUSE-SU-2014:1725-1)
2014-12-30 00:00:00
Fedora 21 : subversion-1.8.11-1.fc21 (2014-17118)
2015-01-06 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:005 ] subversion
2015-01-13 00:00:00
Apache Subversion DoS
2015-01-13 00:00:00
[SECURITY] [DSA 3107-1] subversion security update
2014-12-23 00:00:00
openvas
openvas
Fedora Update for subversion FEDORA-2014-17222
2015-01-05 00:00:00
Fedora Update for subversion FEDORA-2014-17118
2015-01-05 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-555)
2015-09-08 00:00:00
freebsd
freebsd
subversion -- DoS vulnerabilities
2014-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: subversion-1.8.11-1.fc21
2015-01-05 07:39:50
[SECURITY] Fedora 20 Update: subversion-1.8.11-1.fc20
2015-01-05 07:38:55
amazon
amazon
Medium: mod_dav_svn, subversion
2015-06-24 10:08:00
archlinux
archlinux
subversion: denial of service
2014-12-16 00:00:00
mageia
mageia
Updated subversion packages fix security vulnerabilities
2014-12-23 23:35:35
centos
centos
mod_dav_svn, subversion security update
2015-02-11 00:09:48
mod_dav_svn, subversion security update
2015-02-10 22:32:42
oraclelinux
oraclelinux
subversion security update
2015-02-10 00:00:00
subversion security update
2015-02-10 00:00:00
redhat
redhat
(RHSA-2015:0166) Moderate: subversion security update
2015-02-10 00:00:00
(RHSA-2015:0165) Moderate: subversion security update
2015-02-10 00:00:00
cve
cve
CVE-2014-8108
2014-12-18 15:59:00
CVE-2014-3580
2014-12-18 15:59:00
debiancve
debiancve
CVE-2014-8108
2014-12-18 15:59:00
CVE-2014-3580
2014-12-18 15:59:00
prion
prion
Null pointer dereference
2014-12-18 15:59:00
Null pointer dereference
2014-12-18 15:59:00
ubuntucve
ubuntucve
CVE-2014-8108
2014-12-18 00:00:00
CVE-2014-3580
2014-12-18 00:00:00
cvelist
cvelist
CVE-2014-8108
2014-12-18 15:00:00
CVE-2014-3580
2014-12-18 15:00:00
debian
debian
[SECURITY] [DLA 119-1] subversion security update
2014-12-21 22:05:30
[SECURITY] [DSA 3107-1] subversion security update
2014-12-20 18:28:25
osv
osv
subversion - security update
2014-12-21 00:00:00
ubuntu
ubuntu
Subversion vulnerabilities
2015-08-20 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:13:28
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
JSON
Related for ALA_ALAS-2015-555.NASL
nessus20securityvulns4openvas16freebsd1fedora2amazon1archlinux1mageia1centos2oraclelinux2redhat2cve2debiancve2prion2ubuntucve2cvelist2debian2osv1ubuntu1veracode1suse1