Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2721-1.NASL
HistoryAug 21, 2015 - 12:00 a.m.

Ubuntu 14.04 LTS : Subversion vulnerabilities (USN-2721-1)

2015-08-2100:00:00
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3580)

It was discovered that the Subversion mod_dav_svn module incorrectly handled requests requiring a lookup for a virtual transaction name that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8108)

Evgeny Kotkov discovered that the Subversion mod_dav_svn module incorrectly handled large numbers of REPORT requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-0202)

Evgeny Kotkov discovered that the Subversion mod_dav_svn and svnserve modules incorrectly certain crafted parameter combinations. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2015-0248)

Ivan Zhakov discovered that the Subversion mod_dav_svn module incorrectly handled crafted v1 HTTP protocol request sequences. A remote attacker could use this issue to spoof the svn:author property.
(CVE-2015-0251)

C. Michael Pilato discovered that the Subversion mod_dav_svn module incorrectly restricted anonymous access. A remote attacker could use this issue to read hidden files via the path name. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3184)

C. Michael Pilato discovered that Subversion incorrectly handled path-based authorization. A remote attacker could use this issue to obtain sensitive path information. (CVE-2015-3187).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2721-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(85579);
  script_version("2.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");

  script_cve_id(
    "CVE-2014-3580",
    "CVE-2014-8108",
    "CVE-2015-0202",
    "CVE-2015-0248",
    "CVE-2015-0251",
    "CVE-2015-3184",
    "CVE-2015-3187"
  );
  script_xref(name:"USN", value:"2721-1");

  script_name(english:"Ubuntu 14.04 LTS : Subversion vulnerabilities (USN-2721-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"It was discovered that the Subversion mod_dav_svn module incorrectly
handled REPORT requests for a resource that does not exist. A remote
attacker could use this issue to cause the server to crash, resulting
in a denial of service. This issue only affected Ubuntu 12.04 LTS and
Ubuntu 14.04 LTS. (CVE-2014-3580)

It was discovered that the Subversion mod_dav_svn module incorrectly
handled requests requiring a lookup for a virtual transaction name
that does not exist. A remote attacker could use this issue to cause
the server to crash, resulting in a denial of service. This issue only
affected Ubuntu 14.04 LTS. (CVE-2014-8108)

Evgeny Kotkov discovered that the Subversion mod_dav_svn module
incorrectly handled large numbers of REPORT requests. A remote
attacker could use this issue to cause the server to crash, resulting
in a denial of service. This issue only affected Ubuntu 14.04 LTS and
Ubuntu 15.04. (CVE-2015-0202)

Evgeny Kotkov discovered that the Subversion mod_dav_svn and svnserve
modules incorrectly certain crafted parameter combinations. A remote
attacker could use this issue to cause the server to crash, resulting
in a denial of service. (CVE-2015-0248)

Ivan Zhakov discovered that the Subversion mod_dav_svn module
incorrectly handled crafted v1 HTTP protocol request sequences. A
remote attacker could use this issue to spoof the svn:author property.
(CVE-2015-0251)

C. Michael Pilato discovered that the Subversion mod_dav_svn module
incorrectly restricted anonymous access. A remote attacker could use
this issue to read hidden files via the path name. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3184)

C. Michael Pilato discovered that Subversion incorrectly handled
path-based authorization. A remote attacker could use this issue to
obtain sensitive path information. (CVE-2015-3187).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2721-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3184");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2015-3187");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/08/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-svn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsvn-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsvn-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsvn-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsvn-ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsvn1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python-subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby-svn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:subversion-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-svn");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '14.04', 'pkgname': 'libapache2-mod-svn', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'libapache2-svn', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'libsvn-dev', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'libsvn-java', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'libsvn-perl', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'libsvn-ruby1.8', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'libsvn1', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'python-subversion', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'ruby-svn', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'subversion', 'pkgver': '1.8.8-1ubuntu3.2'},
    {'osver': '14.04', 'pkgname': 'subversion-tools', 'pkgver': '1.8.8-1ubuntu3.2'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libapache2-mod-svn / libapache2-svn / libsvn-dev / libsvn-java / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxlibapache2-svnp-cpe:/a:canonical:ubuntu_linux:libapache2-svn
canonicalubuntu_linuxlibsvn-devp-cpe:/a:canonical:ubuntu_linux:libsvn-dev
canonicalubuntu_linuxlibsvn-javap-cpe:/a:canonical:ubuntu_linux:libsvn-java
canonicalubuntu_linuxlibsvn-perlp-cpe:/a:canonical:ubuntu_linux:libsvn-perl
canonicalubuntu_linuxlibsvn-ruby1.8p-cpe:/a:canonical:ubuntu_linux:libsvn-ruby1.8
canonicalubuntu_linuxlibsvn1p-cpe:/a:canonical:ubuntu_linux:libsvn1
canonicalubuntu_linuxpython-subversionp-cpe:/a:canonical:ubuntu_linux:python-subversion
canonicalubuntu_linuxruby-svnp-cpe:/a:canonical:ubuntu_linux:ruby-svn
canonicalubuntu_linuxsubversionp-cpe:/a:canonical:ubuntu_linux:subversion
canonicalubuntu_linuxsubversion-toolsp-cpe:/a:canonical:ubuntu_linux:subversion-tools
Rows per page:
1-10 of 121

Related

securityvulns 9
ubuntu 1
openvas 38
oraclelinux 4
nessus 48
redhat 4
centos 4
f5 3
veracode 4
mageia 3
amazon 3
freebsd 3
fedora 4
suse 1
archlinux 2
osv 5
debian 8
apple 2
gentoo 1
cve 7
debiancve 7
ubuntucve 7
prion 7
ics 1
securityvulns
securityvulns
[USN-2721-1] Subversion vulnerabilities
2015-08-24 00:00:00
Apache Subversion multiple security vulnerabilities
2015-04-07 00:00:00
[ MDVSA-2015:192 ] subversion
2015-04-07 00:00:00
ubuntu
ubuntu
Subversion vulnerabilities
2015-08-20 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2721-1)
2015-08-21 00:00:00
Oracle: Security Advisory (ELSA-2015-1742)
2015-10-06 00:00:00
CentOS Update for mod_dav_svn CESA-2015:1742 centos7
2015-09-09 00:00:00
oraclelinux
oraclelinux
subversion security update
2015-09-08 00:00:00
subversion security update
2015-08-17 00:00:00
subversion security update
2015-02-10 00:00:00
nessus
nessus
RHEL 7 : subversion (RHSA-2015:1742)
2015-09-17 00:00:00
Oracle Linux 7 : subversion (ELSA-2015-1742)
2015-09-09 00:00:00
CentOS 7 : subversion (CESA-2015:1742)
2015-10-22 00:00:00
redhat
redhat
(RHSA-2015:1742) Moderate: subversion security update
2015-09-08 00:00:00
(RHSA-2015:1633) Moderate: subversion security update
2015-08-17 00:00:00
(RHSA-2015:0166) Moderate: subversion security update
2015-02-10 00:00:00
centos
centos
mod_dav_svn, subversion security update
2015-09-08 21:07:49
mod_dav_svn, subversion security update
2015-08-17 15:33:54
mod_dav_svn, subversion security update
2015-02-11 00:09:48
f5
f5
K17453 : Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187
2015-10-16 00:00:00
SOL17453 - Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187
2015-10-16 00:00:00
K53556508 : Apache mod_authz_svn vulnerability CVE-2015-3184
2022-11-28 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:17:54
Spoofable Server
2019-05-02 05:17:54
Denial Of Service (DoS)
2019-01-15 09:07:20
mageia
mageia
Updated subversion packages fix security vulnerabilities
2015-05-03 03:19:16
Updated subversion packages fix security vulnerabilities
2014-12-23 23:35:35
Updated subversion packages fix security vulnerabilities
2015-08-27 23:49:46
amazon
amazon
Medium: subversion, mod_dav_svn
2015-08-24 22:27:00
Medium: mod_dav_svn, subversion
2015-06-24 10:08:00
Important: mod_dav_svn, subversion
2016-03-29 15:30:00
freebsd
freebsd
subversion -- DoS vulnerabilities
2015-03-31 00:00:00
subversion -- DoS vulnerabilities
2014-12-13 00:00:00
subversion -- multiple vulnerabilities
2015-07-27 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: subversion-1.8.13-7.fc21
2015-07-29 01:54:00
[SECURITY] Fedora 21 Update: subversion-1.8.11-1.fc21
2015-01-05 07:39:50
[SECURITY] Fedora 20 Update: subversion-1.8.11-1.fc20
2015-01-05 07:38:55
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
archlinux
archlinux
subversion: denial of service
2014-12-16 00:00:00
subversion: authentication bypass
2015-08-14 00:00:00
osv
osv
subversion - security update
2015-04-21 00:00:00
subversion - security update
2015-08-10 00:00:00
subversion - security update
2015-08-16 00:00:00
debian
debian
[SECURITY] [DSA 3231-1] subversion security update
2015-04-21 17:34:36
[SECURITY] [DSA 3331-1] subversion security update
2015-08-10 18:21:41
[SECURITY] [DSA 3331-1] subversion security update
2015-08-10 18:21:41
apple
apple
About the security content of Xcode 7.3 - Apple Support
2017-01-23 03:54:36
About the security content of Xcode 7.3
2016-03-21 00:00:00
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00
cve
cve
CVE-2014-8108
2014-12-18 15:59:00
CVE-2015-0251
2015-04-08 18:59:00
CVE-2015-3187
2015-08-12 14:59:00
debiancve
debiancve
CVE-2014-8108
2014-12-18 15:59:00
CVE-2015-0251
2015-04-08 18:59:00
CVE-2015-3187
2015-08-12 14:59:00
ubuntucve
ubuntucve
CVE-2014-8108
2014-12-18 00:00:00
CVE-2015-0251
2015-04-08 00:00:00
CVE-2015-3187
2015-08-05 00:00:00
prion
prion
Null pointer dereference
2014-12-18 15:59:00
Design/Logic Flaw
2015-04-08 18:59:00
Path traversal
2015-08-12 14:59:00
ics
ics
Yokogawa CENTUM and ProSafe-RS
2022-05-03 12:00:00
JSON
Related for UBUNTU_USN-2721-1.NASL
securityvulns9ubuntu1openvas38oraclelinux4nessus48redhat4centos4f53veracode4mageia3amazon3freebsd3fedora4suse1archlinux2osv5debian8apple2gentoo1cve7debiancve7ubuntucve7prion7ics1