Vulners
Lucene search
GLSA-200908-05 : Subversion: Remote execution of arbitrary code
| Reporter | Title | Published | Views | Family All 96 |
|---|---|---|---|---|
 | TortoiseSVN < 1.5.6 / 1.6.0-1.6.3 Multiple Integer Overflows | 25 Aug 200900:00 | – | nessus |
| SVN < 1.5.6 / 1.6.0-1.6.3 Multiple Integer Overflows (deprecated) | 25 Aug 200900:00 | – | nessus |
| Mac OS X 10.6 < 10.6.2 Multiple Vulnerabilities | 10 Nov 200900:00 | – | nessus |
| Mac OS X 10.6 < 10.6.2 Multiple Vulnerabilities | 10 Nov 200900:00 | – | nessus |
| CentOS 5 : subversion (CESA-2009:1203) | 6 Jan 201000:00 | – | nessus |
| Debian DSA-1855-1 : subversion - heap overflow | 24 Feb 201000:00 | – | nessus |
| Fedora 10 : subversion-1.6.4-2.fc10 (2009-8432) | 11 Aug 200900:00 | – | nessus |
| Fedora 11 : subversion-1.6.4-2.fc11 (2009-8449) | 11 Aug 200900:00 | – | nessus |
| FreeBSD : subversion -- heap overflow vulnerability (bce1f76d-82d0-11de-88ea-001a4d49522b) | 7 Aug 200900:00 | – | nessus |
| Mac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities | 9 Nov 200900:00 | – | nessus |
10
| Source | Link |
|---|---|
| security | www.security.gentoo.org/glsa/200908-05 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200908-05.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(40630);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2009-2411");
script_bugtraq_id(35983);
script_xref(name:"GLSA", value:"200908-05");
script_name(english:"GLSA-200908-05 : Subversion: Remote execution of arbitrary code");
script_summary(english:"Checks for updated package(s) in /var/db/pkg");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Gentoo host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is affected by the vulnerability described in GLSA-200908-05
(Subversion: Remote execution of arbitrary code)
Matt Lewis of Google reported multiple integer overflows in the
libsvn_delta library, possibly leading to heap-based buffer overflows.
Impact :
A remote attacker with commit access could exploit this vulnerability
by sending a specially crafted commit to a Subversion server, or a
remote attacker could entice a user to check out or update a repository
from a malicious Subversion server, possibly resulting in the execution
of arbitrary code with the privileges of the user running the server or
client.
Workaround :
There is no known workaround at this time."
);
script_set_attribute(
attribute:"see_also",
value:"https://security.gentoo.org/glsa/200908-05"
);
script_set_attribute(
attribute:"solution",
value:
"All Subversion users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-util/subversion-1.6.4'"
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(189);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:subversion");
script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2009/08/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/20");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"Gentoo Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (qpkg_check(package:"dev-util/subversion", unaffected:make_list("ge 1.6.4"), vulnerable:make_list("lt 1.6.4"))) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = qpkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Subversion");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Jan 2021 00:00Current
8.6High risk
Vulners AI Score8.6
CVSS 28.5
EPSS0.06173