Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2013-621.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : subversion (openSUSE-SU-2013:1286-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

Subversion was updated to 1.7.11 [bnc#830031] to fix bugs and security issues.

  • translation updates for Simplified Chinese

  • mod_dav_svn: fix incorrect path canonicalization (CVE-2013-4131)

  • javahl bindings: fix bug in error constructing code

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-621.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75100);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-4131");

  script_name(english:"openSUSE Security Update : subversion (openSUSE-SU-2013:1286-1)");
  script_summary(english:"Check for the openSUSE-2013-621 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Subversion was updated to 1.7.11 [bnc#830031] to fix bugs and security
issues.

  - translation updates for Simplified Chinese

  - mod_dav_svn: fix incorrect path canonicalization
    (CVE-2013-4131)

  - javahl bindings: fix bug in error constructing code"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=830031"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2013-08/msg00000.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected subversion packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-bash-completion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-python-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-server-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.2|SUSE12\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.2 / 12.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.2", reference:"libsvn_auth_gnome_keyring-1-0-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"libsvn_auth_kwallet-1-0-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"libsvn_auth_kwallet-1-0-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-bash-completion-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-debugsource-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-devel-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-perl-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-perl-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-python-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-python-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-server-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-server-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-tools-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"subversion-tools-debuginfo-1.7.11-4.20.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libsvn_auth_gnome_keyring-1-0-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libsvn_auth_kwallet-1-0-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libsvn_auth_kwallet-1-0-debuginfo-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-bash-completion-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-debuginfo-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-debugsource-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-devel-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-perl-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-perl-debuginfo-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-python-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-python-debuginfo-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-server-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-server-debuginfo-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-tools-1.7.11-2.12.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"subversion-tools-debuginfo-1.7.11-2.12.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "subversion");
}
VendorProductVersionCPE
novellopensuselibsvn_auth_gnome_keyring-1-0p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0
novellopensuselibsvn_auth_gnome_keyring-1-0-debuginfop-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo
novellopensuselibsvn_auth_kwallet-1-0p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0
novellopensuselibsvn_auth_kwallet-1-0-debuginfop-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo
novellopensusesubversionp-cpe:/a:novell:opensuse:subversion
novellopensusesubversion-bash-completionp-cpe:/a:novell:opensuse:subversion-bash-completion
novellopensusesubversion-debuginfop-cpe:/a:novell:opensuse:subversion-debuginfo
novellopensusesubversion-debugsourcep-cpe:/a:novell:opensuse:subversion-debugsource
novellopensusesubversion-develp-cpe:/a:novell:opensuse:subversion-devel
novellopensusesubversion-perlp-cpe:/a:novell:opensuse:subversion-perl
Rows per page:
1-10 of 191

Related

openvas 7
securityvulns 2
fedora 2
nessus 7
prion 1
freebsd 1
mageia 1
ubuntucve 1
amazon 1
debiancve 1
cve 1
gentoo 1
openvas
openvas
Fedora Update for subversion FEDORA-2013-13696
2013-08-20 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-221)
2015-09-08 00:00:00
Mageia: Security Advisory (MGASA-2013-0244)
2022-01-28 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:209 ] subversion
2013-08-12 00:00:00
Apache mod_dav_svn DoS
2013-08-12 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: subversion-1.7.11-1.fc19
2013-08-02 03:31:02
[SECURITY] Fedora 18 Update: subversion-1.7.11-1.fc18.1
2013-08-15 02:33:32
nessus
nessus
FreeBSD : subversion -- remotely triggerable 'Assertion failed' DoS vulnerability or read overflow. (2ae24334-f2e6-11e2-8346-001e8c75030d)
2013-07-25 00:00:00
Amazon Linux AMI : subversion (ALAS-2013-221)
2013-10-01 00:00:00
Mandriva Linux Security Advisory : subversion (MDVSA-2013:209)
2013-08-07 00:00:00
prion
prion
Out-of-bounds
2013-07-31 13:20:00
freebsd
freebsd
subversion -- remotely triggerable "Assertion failed" DoS vulnerability or read overflow.
2013-07-19 00:00:00
mageia
mageia
Updated subversion packages fixes security vulnerability
2013-08-11 16:24:46
ubuntucve
ubuntucve
CVE-2013-4131
2013-07-31 00:00:00
amazon
amazon
Medium: subversion
2013-09-04 13:32:00
debiancve
debiancve
CVE-2013-4131
2013-07-31 13:20:00
cve
cve
CVE-2013-4131
2013-07-31 13:20:00
gentoo
gentoo
Subversion: Multiple vulnerabilities
2013-09-23 00:00:00
JSON
Related for OPENSUSE-2013-621.NASL
openvas7securityvulns2fedora2nessus7prion1freebsd1mageia1ubuntucve1amazon1debiancve1cve1gentoo1