ID OPENVAS:1361412562310130058 Type openvas Reporter Eero Volotinen Modified 2018-09-28T00:00:00
Description
Mageia Linux Local Security Checks mgasa-2015-0326
###############################################################################
# OpenVAS Vulnerability Test
# $Id: mgasa-2015-0326.nasl 11692 2018-09-28 16:55:19Z cfischer $
#
# Mageia Linux security check
#
# Authors:
# Eero Volotinen <eero.volotinen@solinor.com>
#
# Copyright:
# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.130058");
script_version("$Revision: 11692 $");
script_tag(name:"creation_date", value:"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)");
script_tag(name:"last_modification", value:"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $");
script_name("Mageia Linux Local Check: mgasa-2015-0326");
script_tag(name:"insight", value:"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).");
script_tag(name:"solution", value:"Update the affected packages to the latest available version.");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2015-0326.html");
script_cve_id("CVE-2015-3184", "CVE-2015-3187");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"qod_type", value:"package");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA5");
script_category(ACT_GATHER_INFO);
script_tag(name:"summary", value:"Mageia Linux Local Security Checks mgasa-2015-0326");
script_copyright("Eero Volotinen");
script_family("Mageia Linux Local Security Checks");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "MAGEIA5")
{
if ((res = isrpmvuln(pkg:"subversion", rpm:"subversion~1.8.14~1.mga5", rls:"MAGEIA5")) != NULL) {
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310130058", "bulletinFamily": "scanner", "title": "Mageia Linux Local Check: mgasa-2015-0326", "description": "Mageia Linux Local Security Checks mgasa-2015-0326", "published": "2015-10-15T00:00:00", "modified": "2018-09-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130058", "reporter": "Eero Volotinen", "references": ["https://advisories.mageia.org/MGASA-2015-0326.html"], "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "type": "openvas", "lastseen": "2018-10-01T10:27:16", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Mageia Linux Local Security Checks mgasa-2015-0326", "edition": 2, "enchantments": {}, "hash": "e329d649b3ad2885e91a4f811f74324b7d323b6679b99be44f2cc6f966b7b510", "hashmap": [{"hash": "10cac684b003ad802f99f154631a0c91", "key": "references"}, {"hash": "774d0176dfa389c0c71e9e200f95a6ba", "key": "modified"}, {"hash": "1dd3c80cf057a6acb26d6443431264d4", "key": "sourceData"}, {"hash": "d2a53caa56a9de7ab57b1469d9af60d8", "key": "naslFamily"}, {"hash": "7bad91af487510c7e059d4a680c9e801", "key": "href"}, {"hash": "3bc7c9c745a888d9e276dd44c21067da", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "a51761d829dc789fc5c705bb80f7116c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f3f526f55eef07b1f540f3860d3f582", "key": "pluginID"}, {"hash": "f061a26454baa190c7d269997a24d53c", "key": "description"}, {"hash": "092308648d96cd05406a07d3e278adb0", "key": "published"}, {"hash": "bb3dbc0ecae053747a8a163af717a25f", "key": "reporter"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130058", "id": "OPENVAS:1361412562310130058", "lastseen": "2017-07-24T12:52:15", "modified": "2017-07-06T00:00:00", "naslFamily": "Mageia Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310130058", "published": "2015-10-15T00:00:00", "references": ["https://advisories.mageia.org/MGASA-2015-0326.html"], "reporter": "Eero Volotinen", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Mageia Linux security check \n# $Id: mgasa-2015-0326.nasl 6563 2017-07-06 12:23:47Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.130058\");\nscript_version(\"$Revision: 6563 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 14:23:47 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Mageia Linux Local Check: mgasa-2015-0326\");\nscript_tag(name: \"insight\", value: \"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://advisories.mageia.org/MGASA-2015-0326.html\");\nscript_cve_id(\"CVE-2015-3184\",\"CVE-2015-3187\");\nscript_tag(name:\"cvss_base\", value:\"5.0\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name : \"summary\", value : \"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_summary(\"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Mageia Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.14~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "title": "Mageia Linux Local Check: mgasa-2015-0326", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-24T12:52:15"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Mageia Linux Local Security Checks mgasa-2015-0326", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "560bdaa94954d867c6217890d60448ecd23007ed4ad00db40a230439fcefe9f8", "hashmap": [{"hash": "10cac684b003ad802f99f154631a0c91", "key": "references"}, {"hash": "b4ee9cbedbbc4673cada7a0d6b62f055", "key": "sourceData"}, {"hash": "d2a53caa56a9de7ab57b1469d9af60d8", "key": "naslFamily"}, {"hash": "7bad91af487510c7e059d4a680c9e801", "key": "href"}, {"hash": "3bc7c9c745a888d9e276dd44c21067da", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "a51761d829dc789fc5c705bb80f7116c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f3f526f55eef07b1f540f3860d3f582", "key": "pluginID"}, {"hash": "f061a26454baa190c7d269997a24d53c", "key": "description"}, {"hash": "092308648d96cd05406a07d3e278adb0", "key": "published"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}, {"hash": "bb3dbc0ecae053747a8a163af717a25f", "key": "reporter"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130058", "id": "OPENVAS:1361412562310130058", "lastseen": "2017-07-25T10:52:15", "modified": "2017-07-10T00:00:00", "naslFamily": "Mageia Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310130058", "published": "2015-10-15T00:00:00", "references": ["https://advisories.mageia.org/MGASA-2015-0326.html"], "reporter": "Eero Volotinen", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Mageia Linux security check \n# $Id: mgasa-2015-0326.nasl 6637 2017-07-10 09:58:13Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.130058\");\nscript_version(\"$Revision: 6637 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 11:58:13 +0200 (Mon, 10 Jul 2017) $\");\nscript_name(\"Mageia Linux Local Check: mgasa-2015-0326\");\nscript_tag(name: \"insight\", value: \"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://advisories.mageia.org/MGASA-2015-0326.html\");\nscript_cve_id(\"CVE-2015-3184\",\"CVE-2015-3187\");\nscript_tag(name:\"cvss_base\", value:\"5.0\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name : \"summary\", value : \"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Mageia Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.14~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "title": "Mageia Linux Local Check: mgasa-2015-0326", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2017-07-25T10:52:15"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Mageia Linux Local Security Checks mgasa-2015-0326", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "560bdaa94954d867c6217890d60448ecd23007ed4ad00db40a230439fcefe9f8", "hashmap": [{"hash": "10cac684b003ad802f99f154631a0c91", "key": "references"}, {"hash": "b4ee9cbedbbc4673cada7a0d6b62f055", "key": "sourceData"}, {"hash": "d2a53caa56a9de7ab57b1469d9af60d8", "key": "naslFamily"}, {"hash": "7bad91af487510c7e059d4a680c9e801", "key": "href"}, {"hash": "3bc7c9c745a888d9e276dd44c21067da", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "a51761d829dc789fc5c705bb80f7116c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f3f526f55eef07b1f540f3860d3f582", "key": "pluginID"}, {"hash": "f061a26454baa190c7d269997a24d53c", "key": "description"}, {"hash": "092308648d96cd05406a07d3e278adb0", "key": "published"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}, {"hash": "bb3dbc0ecae053747a8a163af717a25f", "key": "reporter"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130058", "id": "OPENVAS:1361412562310130058", "lastseen": "2018-09-01T23:48:54", "modified": "2017-07-10T00:00:00", "naslFamily": "Mageia Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310130058", "published": "2015-10-15T00:00:00", "references": ["https://advisories.mageia.org/MGASA-2015-0326.html"], "reporter": "Eero Volotinen", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Mageia Linux security check \n# $Id: mgasa-2015-0326.nasl 6637 2017-07-10 09:58:13Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.130058\");\nscript_version(\"$Revision: 6637 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 11:58:13 +0200 (Mon, 10 Jul 2017) $\");\nscript_name(\"Mageia Linux Local Check: mgasa-2015-0326\");\nscript_tag(name: \"insight\", value: \"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://advisories.mageia.org/MGASA-2015-0326.html\");\nscript_cve_id(\"CVE-2015-3184\",\"CVE-2015-3187\");\nscript_tag(name:\"cvss_base\", value:\"5.0\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name : \"summary\", value : \"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Mageia Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.14~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "title": "Mageia Linux Local Check: mgasa-2015-0326", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-09-01T23:48:54"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Mageia Linux Local Security Checks mgasa-2015-0326", "edition": 1, "enchantments": {}, "hash": "58032ae083f59ad3f252b816b91ee988c278bfc43d5d9251095fe0af05b748e9", "hashmap": [{"hash": "10cac684b003ad802f99f154631a0c91", "key": "references"}, {"hash": "d2a53caa56a9de7ab57b1469d9af60d8", "key": "naslFamily"}, {"hash": "451ccf9b33cae434b1236ed7a06114ec", "key": "modified"}, {"hash": "7bad91af487510c7e059d4a680c9e801", "key": "href"}, {"hash": "3bc7c9c745a888d9e276dd44c21067da", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "a51761d829dc789fc5c705bb80f7116c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f3f526f55eef07b1f540f3860d3f582", "key": "pluginID"}, {"hash": "f061a26454baa190c7d269997a24d53c", "key": "description"}, {"hash": "092308648d96cd05406a07d3e278adb0", "key": "published"}, {"hash": "7951c583f407e09a36264a712e8887be", "key": "sourceData"}, {"hash": "bb3dbc0ecae053747a8a163af717a25f", "key": "reporter"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130058", "id": "OPENVAS:1361412562310130058", "lastseen": "2017-07-02T21:11:26", "modified": "2016-11-15T00:00:00", "naslFamily": "Mageia Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310130058", "published": "2015-10-15T00:00:00", "references": ["https://advisories.mageia.org/MGASA-2015-0326.html"], "reporter": "Eero Volotinen", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Mageia Linux security check \n# $Id: mgasa-2015-0326.nasl 4513 2016-11-15 09:37:48Z cfi $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.130058\");\nscript_version(\"$Revision: 4513 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2016-11-15 10:37:48 +0100 (Tue, 15 Nov 2016) $\");\nscript_name(\"Mageia Linux Local Check: mgasa-2015-0326\");\nscript_tag(name: \"insight\", value: \"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://advisories.mageia.org/MGASA-2015-0326.html\");\nscript_cve_id(\"CVE-2015-3184\",\"CVE-2015-3187\");\nscript_tag(name:\"cvss_base\", value:\"5.0\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"login/SSH/success\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name : \"summary\", value : \"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_summary(\"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Mageia Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.14~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "title": "Mageia Linux Local Check: mgasa-2015-0326", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:11:26"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Mageia Linux Local Security Checks mgasa-2015-0326", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "efa0a3b17a5bda61dff32e81fbb719e48650b34a2de58173bea6f5aae08218ed", "hashmap": [{"hash": "10cac684b003ad802f99f154631a0c91", "key": "references"}, {"hash": "b4ee9cbedbbc4673cada7a0d6b62f055", "key": "sourceData"}, {"hash": "d2a53caa56a9de7ab57b1469d9af60d8", "key": "naslFamily"}, {"hash": "7bad91af487510c7e059d4a680c9e801", "key": "href"}, {"hash": "3bc7c9c745a888d9e276dd44c21067da", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a51761d829dc789fc5c705bb80f7116c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f3f526f55eef07b1f540f3860d3f582", "key": "pluginID"}, {"hash": "f061a26454baa190c7d269997a24d53c", "key": "description"}, {"hash": "092308648d96cd05406a07d3e278adb0", "key": "published"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}, {"hash": "bb3dbc0ecae053747a8a163af717a25f", "key": "reporter"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130058", "id": "OPENVAS:1361412562310130058", "lastseen": "2018-08-30T19:21:38", "modified": "2017-07-10T00:00:00", "naslFamily": "Mageia Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310130058", "published": "2015-10-15T00:00:00", "references": ["https://advisories.mageia.org/MGASA-2015-0326.html"], "reporter": "Eero Volotinen", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Mageia Linux security check \n# $Id: mgasa-2015-0326.nasl 6637 2017-07-10 09:58:13Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.130058\");\nscript_version(\"$Revision: 6637 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 11:58:13 +0200 (Mon, 10 Jul 2017) $\");\nscript_name(\"Mageia Linux Local Check: mgasa-2015-0326\");\nscript_tag(name: \"insight\", value: \"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://advisories.mageia.org/MGASA-2015-0326.html\");\nscript_cve_id(\"CVE-2015-3184\",\"CVE-2015-3187\");\nscript_tag(name:\"cvss_base\", value:\"5.0\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name : \"summary\", value : \"Mageia Linux Local Security Checks mgasa-2015-0326\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Mageia Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.14~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "title": "Mageia Linux Local Check: mgasa-2015-0326", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:21:38"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "3bc7c9c745a888d9e276dd44c21067da"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "f061a26454baa190c7d269997a24d53c"}, {"key": "href", "hash": "7bad91af487510c7e059d4a680c9e801"}, {"key": "modified", "hash": "e3fe0a23059307d9f79f162426695d44"}, {"key": "naslFamily", "hash": "d2a53caa56a9de7ab57b1469d9af60d8"}, {"key": "pluginID", "hash": "6f3f526f55eef07b1f540f3860d3f582"}, {"key": "published", "hash": "092308648d96cd05406a07d3e278adb0"}, {"key": "references", "hash": "10cac684b003ad802f99f154631a0c91"}, {"key": "reporter", "hash": "bb3dbc0ecae053747a8a163af717a25f"}, {"key": "sourceData", "hash": "4a8dfb0458065ab9f182a432c0aa9e39"}, {"key": "title", "hash": "a51761d829dc789fc5c705bb80f7116c"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "3448ceef7c31d40ec4a356bd58b77c71f5aee686807b3d96348163475c455191", "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0326.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130058\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:42:09 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0326\");\n script_tag(name:\"insight\", value:\"Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible (CVE-2015-3184). Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz. When a node is copied from an unreadable location to a readable location the unreadable path may be revealed. This vulnerablity only reveals the path, it does not reveal the contents of the path (CVE-2015-3187). This update also re-enables the java subpackage for the Mageia 5 subversion package (mga#16075).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0326.html\");\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0326\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.14~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Mageia Linux Local Security Checks", "pluginID": "1361412562310130058"}
{"cve": [{"lastseen": "2017-07-01T10:43:24", "references": ["https://support.apple.com/HT206172", "http://www.securityfocus.com/bid/76273", "https://security.gentoo.org/glsa/201610-05", "http://www.ubuntu.com/usn/USN-2721-1", "http://www.debian.org/security/2015/dsa-3331", "http://subversion.apache.org/security/CVE-2015-3187-advisory.txt", "http://rhn.redhat.com/errata/RHSA-2015-1633.html", "http://lists.opensuse.org/opensuse-updates/2015-08/msg00022.html", "http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html", "http://www.securitytracker.com/id/1033215", "http://rhn.redhat.com/errata/RHSA-2015-1742.html"], "edition": 3, "description": "The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.", "reporter": "NVD", "published": "2015-08-12T10:59:12", "title": "CVE-2015-3187", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2015-3187"], "scanner": [], "cpe": ["cpe:/a:apache:subversion:1.7.20", "cpe:/a:apache:subversion:1.8.1", "cpe:/a:apache:subversion:1.8.3", "cpe:/a:apache:subversion:1.8.7", "cpe:/a:apache:subversion:1.8.6", "cpe:/a:apache:subversion:1.8.10", "cpe:/a:apache:subversion:1.8.2", "cpe:/a:apache:subversion:1.8.13", "cpe:/a:apache:subversion:1.8.9", "cpe:/a:apache:subversion:1.8.11", "cpe:/a:apache:subversion:1.8.5", "cpe:/a:apache:subversion:1.8.8", "cpe:/a:apache:subversion:1.8.4", "cpe:/a:apple:xcode:7.2.1"], "modified": "2017-06-30T21:29:15", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3187", "id": "CVE-2015-3187", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-01T10:43:24", "references": ["https://support.apple.com/HT206172", "https://security.gentoo.org/glsa/201610-05", "http://www.securityfocus.com/bid/76274", "http://www.ubuntu.com/usn/USN-2721-1", "http://www.debian.org/security/2015/dsa-3331", "http://lists.opensuse.org/opensuse-updates/2015-08/msg00022.html", "http://subversion.apache.org/security/CVE-2015-3184-advisory.txt", "http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html", "http://www.securitytracker.com/id/1033215", "http://rhn.redhat.com/errata/RHSA-2015-1742.html"], "edition": 3, "description": "mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.", "reporter": "NVD", "published": "2015-08-12T10:59:10", "title": "CVE-2015-3184", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2015-3184"], "scanner": [], "cpe": ["cpe:/a:apache:subversion:1.7.17", "cpe:/a:apache:subversion:1.7.15", "cpe:/a:apache:subversion:1.7.20", "cpe:/a:apache:subversion:1.7.2", "cpe:/a:apache:subversion:1.8.1", "cpe:/a:apache:subversion:1.7.3", "cpe:/a:apache:subversion:1.7.6", "cpe:/a:apache:subversion:1.8.3", "cpe:/a:apache:subversion:1.7.10", "cpe:/a:apache:subversion:1.7.4", "cpe:/a:apache:subversion:1.8.7", "cpe:/a:apache:subversion:1.8.6", "cpe:/a:apache:subversion:1.7.19", "cpe:/a:apache:subversion:1.8.10", "cpe:/a:apache:subversion:1.8.2", "cpe:/a:apache:subversion:1.8.13", "cpe:/a:apache:subversion:1.7.5", "cpe:/a:apache:subversion:1.8.9", "cpe:/a:apache:subversion:1.8.11", "cpe:/a:apache:subversion:1.7.11", "cpe:/a:apache:subversion:1.7.14", "cpe:/a:apache:subversion:1.7.0", "cpe:/a:apache:subversion:1.7.8", "cpe:/a:apache:subversion:1.8.0", "cpe:/a:apache:subversion:1.7.16", "cpe:/a:apache:subversion:1.8.5", "cpe:/a:apache:subversion:1.7.12", "cpe:/a:apache:subversion:1.7.7", "cpe:/a:apache:subversion:1.8.8", "cpe:/a:apache:subversion:1.8.4", "cpe:/a:apache:subversion:1.7.1", "cpe:/a:apache:subversion:1.7.18", "cpe:/a:apple:xcode:7.2.1", "cpe:/a:apache:subversion:1.7.13", "cpe:/a:apache:subversion:1.7.9"], "modified": "2017-06-30T21:29:15", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3184", "id": "CVE-2015-3184", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "debian": [{"lastseen": "2018-10-18T13:50:06", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "python-subversion_1.8.10-6+deb8u1_all.deb", "packageName": "python-subversion", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libapache2-svn_1.8.10-6+deb8u1_all.deb", "packageName": "libapache2-svn", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "subversion-tools_1.8.10-6+deb8u1_all.deb", "packageName": "subversion-tools", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libsvn-ruby1.8_1.8.10-6+deb8u1_all.deb", "packageName": "libsvn-ruby1.8", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libsvn-dev_1.8.10-6+deb8u1_all.deb", "packageName": "libsvn-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "subversion-dbg_1.8.10-6+deb8u1_all.deb", "packageName": "subversion-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libapache2-mod-svn_1.8.10-6+deb8u1_all.deb", "packageName": "libapache2-mod-svn", "operator": "lt"}, {"OS": "Debian", "OSVersion": "7", "packageVersion": "1.6.17dfsg-4+deb7u10", "arch": "all", "packageFilename": "subversion_1.6.17dfsg-4+deb7u10_all.deb", "packageName": "subversion", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libsvn1_1.8.10-6+deb8u1_all.deb", "packageName": "libsvn1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "subversion_1.8.10-6+deb8u1_all.deb", "packageName": "subversion", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libsvn-doc_1.8.10-6+deb8u1_all.deb", "packageName": "libsvn-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libsvn-java_1.8.10-6+deb8u1_all.deb", "packageName": "libsvn-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "libsvn-perl_1.8.10-6+deb8u1_all.deb", "packageName": "libsvn-perl", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "1.8.10-6+deb8u1", "arch": "all", "packageFilename": "ruby-svn_1.8.10-6+deb8u1_all.deb", "packageName": "ruby-svn", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3331-1 security@debian.org\nhttps://www.debian.org/security/ Stefan Fritsch\nAugust 10, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2015-3184 CVE-2015-3187\n\nSeveral security issues have been found in the server components of the\nversion control system subversion.\n\nCVE-2015-3184\n\n Subversion's mod_authz_svn does not properly restrict anonymous\n access in some mixed anonymous/authenticated environments when\n using Apache httpd 2.4. The result is that anonymous access may\n be possible to files for which only authenticated access should\n be possible. This issue does not affect the oldstable distribution\n (wheezy) because it only contains Apache httpd 2.2.\n\n\nCVE-2015-3187\n\n Subversion servers, both httpd and svnserve, will reveal some\n paths that should be hidden by path-based authz. When a node is\n copied from an unreadable location to a readable location the\n unreadable path may be revealed. This vulnerablity only reveals\n the path, it does not reveal the contents of the path.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.6.17dfsg-4+deb7u10.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.8.10-6+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed in\nversion 1.9.0-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0-1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2015-08-10T18:22:09", "title": "[SECURITY] [DSA 3331-1] subversion security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:50:06", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2015-08-10T18:22:09", "id": "DEBIAN:DSA-3331-1:834EF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00229.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-16T22:15:06", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "subversion_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "subversion", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libapache2-svn_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libapache2-svn", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn-ruby1.8_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn-ruby1.8", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn-doc_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn-perl_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn-perl", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn-java_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "subversion-tools_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "subversion-tools", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "python-subversion_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "python-subversion", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn-ruby_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn-ruby", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn1_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "1.6.12dfsg-7+deb6u3", "arch": "all", "packageFilename": "libsvn-dev_1.6.12dfsg-7+deb6u3_all.deb", "packageName": "libsvn-dev", "operator": "lt"}], "description": "Package : subversion\nVersion : 1.6.12dfsg-7+deb6u3\nCVE ID : CVE-2015-3187\n\nC. Michael Pilato, from CollabNet, reported an issue in the version\ncontrol system Subversion.\n\nCVE-2015-3187\n\n Subversion servers revealed some sensible paths hidden by path-based\n authorization. Remote authenticated users were allowed to obtain\n path information by reading the history of a node that has been\n moved from a hidden path. The vulnerability only revealed the path,\n though it didn't reveal its content.\n\nFor Debian 6 \u201cSqueeze\u201d, this issue has been fixed in subversion\n1.6.12dfsg-7+deb6u3. We recommend to upgrade your subversion packages.\n\n", "edition": 1, "reporter": "Debian", "published": "2015-08-16T10:24:32", "title": "[SECURITY] [DLA 293-1] subversion security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:15:06", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-3187"], "modified": "2015-08-16T10:24:32", "id": "DEBIAN:DLA-293-1:55795", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201508/msg00006.html", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:02", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32400"], "description": "Authentication bypass, unauthorized files access.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-08-24T00:00:00", "title": "Apache Subversion security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:02", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Subversion", "version": "1.8", "operator": "eq"}], "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2015-08-24T00:00:00", "id": "SECURITYVULNS:VULN:14638", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14638", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:11:01", "references": [], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2721-1\r\nAugust 20, 2015\r\n\r\nsubversion vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in Subversion.\r\n\r\nSoftware Description:\r\n- subversion: Advanced version control system\r\n\r\nDetails:\r\n\r\nIt was discovered that the Subversion mod_dav_svn module incorrectly\r\nhandled REPORT requests for a resource that does not exist. A remote\r\nattacker could use this issue to cause the server to crash, resulting in a\r\ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu\r\n14.04 LTS. (CVE-2014-3580)\r\n\r\nIt was discovered that the Subversion mod_dav_svn module incorrectly\r\nhandled requests requiring a lookup for a virtual transaction name that\r\ndoes not exist. A remote attacker could use this issue to cause the server\r\nto crash, resulting in a denial of service. This issue only affected Ubuntu\r\n14.04 LTS. (CVE-2014-8108)\r\n\r\nEvgeny Kotkov discovered that the Subversion mod_dav_svn module incorrectly\r\nhandled large numbers of REPORT requests. A remote attacker could use this\r\nissue to cause the server to crash, resulting in a denial of service. This\r\nissue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-0202)\r\n\r\nEvgeny Kotkov discovered that the Subversion mod_dav_svn and svnserve\r\nmodules incorrectly certain crafted parameter combinations. A remote\r\nattacker could use this issue to cause the server to crash, resulting in a\r\ndenial of service. (CVE-2015-0248)\r\n\r\nIvan Zhakov discovered that the Subversion mod_dav_svn module incorrectly\r\nhandled crafted v1 HTTP protocol request sequences. A remote attacker could\r\nuse this issue to spoof the svn:author property. (CVE-2015-0251)\r\n\r\nC. Michael Pilato discovered that the Subversion mod_dav_svn module\r\nincorrectly restricted anonymous access. A remote attacker could use this\r\nissue to read hidden files via the path name. This issue only affected\r\nUbuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3184)\r\n\r\nC. Michael Pilato discovered that Subversion incorrectly handled path-based\r\nauthorization. A remote attacker could use this issue to obtain sensitive\r\npath information. (CVE-2015-3187)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n libapache2-svn 1.8.10-5ubuntu1.1\r\n libsvn1 1.8.10-5ubuntu1.1\r\n subversion 1.8.10-5ubuntu1.1\r\n\r\nUbuntu 14.04 LTS:\r\n libapache2-svn 1.8.8-1ubuntu3.2\r\n libsvn1 1.8.8-1ubuntu3.2\r\n subversion 1.8.8-1ubuntu3.2\r\n\r\nUbuntu 12.04 LTS:\r\n libapache2-svn 1.6.17dfsg-3ubuntu3.5\r\n libsvn1 1.6.17dfsg-3ubuntu3.5\r\n subversion 1.6.17dfsg-3ubuntu3.5\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2721-1\r\n CVE-2014-3580, CVE-2014-8108, CVE-2015-0202, CVE-2015-0248,\r\n CVE-2015-0251, CVE-2015-3184, CVE-2015-3187\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/subversion/1.8.10-5ubuntu1.1\r\n https://launchpad.net/ubuntu/+source/subversion/1.8.8-1ubuntu3.2\r\n https://launchpad.net/ubuntu/+source/subversion/1.6.17dfsg-3ubuntu3.5\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-08-24T00:00:00", "title": "[USN-2721-1] Subversion vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:11:01", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-0202", "CVE-2015-3184", "CVE-2014-3580", "CVE-2014-8108"], "modified": "2015-08-24T00:00:00", "id": "SECURITYVULNS:DOC:32400", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32400", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:51:50", "references": ["http://www.debian.org/security/2015/dsa-3331.html"], "pluginID": "1361412562310703331", "description": "Several security issues have been found in the server components of the\nversion control system subversion.\n\nCVE-2015-3184 \nSubversion", "edition": 3, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2015-08-10T00:00:00", "title": "Debian Security Advisory DSA 3331-1 (subversion - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310703331", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703331", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3331.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3331-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703331\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n script_name(\"Debian Security Advisory DSA 3331-1 (subversion - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-08-10 00:00:00 +0200 (Mon, 10 Aug 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3331.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"subversion on Debian Linux\");\n script_tag(name: \"insight\", value: \"Subversion, also known as svn, is a version control system much like\nthe Concurrent Versions System (CVS). Version control systems allow\nmany individuals (who may be distributed geographically) to\ncollaborate on a set of files (typically source code). Subversion has\nall the major features of CVS, plus certain new features that CVS\nusers often wish they had.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), this problem has been fixed\nin version 1.6.17dfsg-4+deb7u10.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.8.10-6+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed in\nversion 1.9.0-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0-1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name: \"summary\", value: \"Several security issues have been found in the server components of the\nversion control system subversion.\n\nCVE-2015-3184 \nSubversion's mod_authz_svn does not properly restrict anonymous\naccess in some mixed anonymous/authenticated environments when\nusing Apache httpd 2.4. The result is that anonymous access may\nbe possible to files for which only authenticated access should\nbe possible. This issue does not affect the oldstable distribution\n(wheezy) because it only contains Apache httpd 2.2.\n\nCVE-2015-3187 \nSubversion servers, both httpd and svnserve, will reveal some\npaths that should be hidden by path-based authz. When a node is\ncopied from an unreadable location to a readable location the\nunreadable path may be revealed. This vulnerablity only reveals\nthe path, it does not reveal the contents of the path.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:52:20", "references": ["http://www.debian.org/security/2015/dsa-3331.html"], "pluginID": "703331", "description": "Several security issues have been found in the server components of the\nversion control system subversion.\n\nCVE-2015-3184 \nSubversion", "edition": 2, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2015-08-10T00:00:00", "title": "Debian Security Advisory DSA 3331-1 (subversion - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703331", "id": "OPENVAS:703331", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3331.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3331-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703331);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n script_name(\"Debian Security Advisory DSA 3331-1 (subversion - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-08-10 00:00:00 +0200 (Mon, 10 Aug 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3331.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"subversion on Debian Linux\");\n script_tag(name: \"insight\", value: \"Subversion, also known as svn, is a version control system much like\nthe Concurrent Versions System (CVS). Version control systems allow\nmany individuals (who may be distributed geographically) to\ncollaborate on a set of files (typically source code). Subversion has\nall the major features of CVS, plus certain new features that CVS\nusers often wish they had.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), this problem has been fixed\nin version 1.6.17dfsg-4+deb7u10.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.8.10-6+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed in\nversion 1.9.0-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0-1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name: \"summary\", value: \"Several security issues have been found in the server components of the\nversion control system subversion.\n\nCVE-2015-3184 \nSubversion's mod_authz_svn does not properly restrict anonymous\naccess in some mixed anonymous/authenticated environments when\nusing Apache httpd 2.4. The result is that anonymous access may\nbe possible to files for which only authenticated access should\nbe possible. This issue does not affect the oldstable distribution\n(wheezy) because it only contains Apache httpd 2.2.\n\nCVE-2015-3187 \nSubversion servers, both httpd and svnserve, will reveal some\npaths that should be hidden by path-based authz. When a node is\ncopied from an unreadable location to a readable location the\nunreadable path may be revealed. This vulnerablity only reveals\nthe path, it does not reveal the contents of the path.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.6.17dfsg-4+deb7u10\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-22T16:40:14", "references": ["https://subversion.apache.org", "http://subversion.apache.org/security/CVE-2015-3187-advisory.txt", "http://subversion.apache.org/security/CVE-2015-3184-advisory.txt", "http://www.securitytracker.com/id/1033215"], "pluginID": "1361412562310805095", "description": "This host is installed with Apache Subversion\n and is prone to multiple vulnerabilities.", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-08-18T00:00:00", "title": "Apache Subversion Multiple Vulnerabilities - Aug15", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2018-10-19T00:00:00", "id": "OPENVAS:1361412562310805095", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805095", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_subversion_mult_vuln_aug15.nasl 11975 2018-10-19 06:54:12Z cfischer $\n#\n# Apache Subversion Multiple Vulnerabilities - Aug15\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:subversion\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805095\");\n script_version(\"$Revision: 11975 $\");\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n script_bugtraq_id(76274, 76273);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 08:54:12 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 13:39:48 +0530 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Apache Subversion Multiple Vulnerabilities - Aug15\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Subversion\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Flaws are due to,\n\n - The mod_authz_svn does not properly restrict anonymous access in some\n mixed anonymous/authenticated environments when using Apache httpd 2.4.\n\n - The svnserve will reveal some paths that should be hidden by path-based\n authz. When a node is copied rom an unreadable location to a readable\n location the unreadable path may be revealed.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n authenticated remote attacker to obtain potentially sensitive information\n from an ostensibly hidden repository.\");\n\n script_tag(name:\"affected\", value:\"Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 1.7.21 or 1.8.14 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1033215\");\n script_xref(name:\"URL\", value:\"http://subversion.apache.org/security/CVE-2015-3187-advisory.txt\");\n script_xref(name:\"URL\", value:\"http://subversion.apache.org/security/CVE-2015-3184-advisory.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_subversion_remote_detect.nasl\");\n script_mandatory_keys(\"Subversion/installed\");\n script_require_ports(\"Services/www\", 3690);\n script_xref(name:\"URL\", value:\"https://subversion.apache.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!http_port = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!subver = get_app_version(cpe:CPE, port:http_port)){\n exit(0);\n}\n\nif(version_in_range(version:subver, test_version:\"1.7.0\", test_version2:\"1.7.20\"))\n{\n fix = \"1.7.21\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:subver, test_version:\"1.8.0\", test_version2:\"1.8.13\"))\n{\n fix = \"1.8.14\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + subver + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report, port:http_port);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:47:06", "references": ["2015-6", "https://lists.fedoraproject.org/pipermail/package-announce/2016-February/178157.html"], "pluginID": "1361412562310807425", "description": "Check the version of subversion", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-03-01T00:00:00", "title": "Fedora Update for subversion FEDORA-2015-6", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5259", "CVE-2015-3187", "CVE-2015-5343", "CVE-2015-3184"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310807425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807425", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2015-6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807425\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 06:16:09 +0100 (Tue, 01 Mar 2016)\");\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\", \"CVE-2015-5343\", \"CVE-2015-5259\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for subversion FEDORA-2015-6\");\n script_tag(name: \"summary\", value: \"Check the version of subversion\");\n \n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n \n script_tag(name: \"insight\", value: \"Subversion is a concurrent version control\n system which enables one or more users to collaborate in developing and\n maintaining a hierarchy of files and directories while keeping a history of all\n changes. Subversion only stores the differences between versions, instead of\n every complete file. Subversion is intended to be a compelling replacement\n for CVS.\");\n\n script_tag(name: \"affected\", value: \"subversion on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2015-6\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2016-February/178157.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.15~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:51:12", "references": ["2015:1742", "http://lists.centos.org/pipermail/centos-announce/2015-September/021377.html"], "pluginID": "1361412562310882281", "description": "Check the version of mod_dav_svn", "edition": 4, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-09-09T00:00:00", "title": "CentOS Update for mod_dav_svn CESA-2015:1742 centos7 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882281", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882281", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mod_dav_svn CESA-2015:1742 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882281\");\n script_version(\"$Revision: 6657 $\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-09 06:27:33 +0200 (Wed, 09 Sep 2015)\");\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for mod_dav_svn CESA-2015:1742 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of mod_dav_svn\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain configurations\nwhen used with Apache httpd 2.4.x. This could allow a user to anonymously\naccess files in a Subversion repository, which should only be accessible to\nauthenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael\nPilato of CollabNet as the original reporter of CVE-2015-3184 and\nCVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\n\");\n script_tag(name: \"affected\", value: \"mod_dav_svn on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:1742\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-September/021377.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-gnome\", rpm:\"subversion-gnome~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-kde\", rpm:\"subversion-kde~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-python\", rpm:\"subversion-python~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.7.14~7.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-12T12:38:08", "references": ["https://alas.aws.amazon.com/ALAS-2016-676.html"], "pluginID": "1361412562310120666", "description": "Amazon Linux Local Security Checks", "edition": 6, "reporter": "Eero Volotinen", "published": "2016-03-31T00:00:00", "title": "Amazon Linux Local Check: alas-2016-676", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5259", "CVE-2015-3187", "CVE-2015-5343", "CVE-2015-3184"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310120666", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120666", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-676.nasl 6574 2017-07-06 13:41:26Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120666\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-31 08:02:09 +0300 (Thu, 31 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-676\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in mod_dav_svn and subversion. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update mod_dav_svn to update your system. Run yum update subversion to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-676.html\");\n script_cve_id(\"CVE-2015-3187\", \"CVE-2015-5259\", \"CVE-2015-3184\", \"CVE-2015-5343\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"svn\", rpm:\"svn~1.8.15~1.52.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"svn-debuginfo\", rpm:\"svn-debuginfo~1.8.15~1.52.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"svn\", rpm:\"svn~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-python27\", rpm:\"subversion-python27~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"subversion-python26\", rpm:\"subversion-python26~1.8.15~1.54.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:12:34", "references": ["https://www.redhat.com/archives/rhsa-announce/2015-September/msg00017.html", "2015:1742-01"], "pluginID": "1361412562310871449", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-09-09T00:00:00", "title": "RedHat Update for subversion RHSA-2015:1742-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871449", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871449", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for subversion RHSA-2015:1742-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871449\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-09 06:26:34 +0200 (Wed, 09 Sep 2015)\");\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for subversion RHSA-2015:1742-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain configurations\nwhen used with Apache httpd 2.4.x. This could allow a user to anonymously\naccess files in a Subversion repository, which should only be accessible to\nauthenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael\nPilato of CollabNet as the original reporter of CVE-2015-3184 and\nCVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\");\n script_tag(name:\"affected\", value:\"subversion on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1742-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-September/msg00017.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.7.14~7.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.7.14~7.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.7.14~7.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.7.14~7.el7_1.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:24:52", "references": ["http://linux.oracle.com/errata/ELSA-2015-1742.html"], "pluginID": "1361412562310123007", "description": "Oracle Linux Local Security Checks ELSA-2015-1742", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2015-1742", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123007", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123007", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1742.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123007\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:46:34 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1742\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1742 - subversion security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1742\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1742.html\");\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3187\", \"CVE-2015-3184\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-gnome\", rpm:\"subversion-gnome~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-kde\", rpm:\"subversion-kde~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-python\", rpm:\"subversion-python~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.7.14~7.el7_1.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:02:41", "references": ["2721-1", "http://www.ubuntu.com/usn/usn-2721-1/"], "pluginID": "1361412562310842420", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-08-21T00:00:00", "title": "Ubuntu Update for subversion USN-2721-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-0202", "CVE-2015-3184", "CVE-2014-3580", "CVE-2014-8108"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842420", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842420", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for subversion USN-2721-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842420\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-21 07:50:15 +0200 (Fri, 21 Aug 2015)\");\n script_cve_id(\"CVE-2014-3580\", \"CVE-2014-8108\", \"CVE-2015-0202\", \"CVE-2015-0248\",\n \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for subversion USN-2721-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the Subversion\nmod_dav_svn module incorrectly handled REPORT requests for a resource that does\nnot exist. A remote attacker could use this issue to cause the server to crash,\nresulting in a denial of service. This issue only affected Ubuntu 12.04 LTS\nand Ubuntu 14.04 LTS. (CVE-2014-3580)\n\nIt was discovered that the Subversion mod_dav_svn module incorrectly\nhandled requests requiring a lookup for a virtual transaction name that\ndoes not exist. A remote attacker could use this issue to cause the server\nto crash, resulting in a denial of service. This issue only affected Ubuntu\n14.04 LTS. (CVE-2014-8108)\n\nEvgeny Kotkov discovered that the Subversion mod_dav_svn module incorrectly\nhandled large numbers of REPORT requests. A remote attacker could use this\nissue to cause the server to crash, resulting in a denial of service. This\nissue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-0202)\n\nEvgeny Kotkov discovered that the Subversion mod_dav_svn and svnserve\nmodules incorrectly certain crafted parameter combinations. A remote\nattacker could use this issue to cause the server to crash, resulting in a\ndenial of service. (CVE-2015-0248)\n\nIvan Zhakov discovered that the Subversion mod_dav_svn module incorrectly\nhandled crafted v1 HTTP protocol request sequences. A remote attacker could\nuse this issue to spoof the svn:author property. (CVE-2015-0251)\n\nC. Michael Pilato discovered that the Subversion mod_dav_svn module\nincorrectly restricted anonymous access. A remote attacker could use this\nissue to read hidden files via the path name. This issue only affected\nUbuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3184)\n\nC. Michael Pilato discovered that Subversion incorrectly handled path-based\nauthorization. A remote attacker could use this issue to obtain sensitive\npath information. (CVE-2015-3187)\");\n script_tag(name:\"affected\", value:\"subversion on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2721-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2721-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.8-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.8.8-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.8-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.8-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.17dfsg-3ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.6.17dfsg-3ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.6.17dfsg-3ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:51:09", "references": ["http://lists.centos.org/pipermail/centos-announce/2015-August/021333.html", "2015:1633"], "pluginID": "1361412562310882252", "description": "Check the version of mod_dav_svn", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-08-18T00:00:00", "title": "CentOS Update for mod_dav_svn CESA-2015:1633 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882252", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mod_dav_svn CESA-2015:1633 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882252\");\n script_version(\"$Revision: 6657 $\");\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3187\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:50:44 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for mod_dav_svn CESA-2015:1633 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of mod_dav_svn\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes.\nThe mod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael Pilato\nof CollabNet as the original reporter of CVE-2015-3187.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\n\");\n script_tag(name: \"affected\", value: \"mod_dav_svn on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:1633\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-August/021333.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-gnome\", rpm:\"subversion-gnome~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-kde\", rpm:\"subversion-kde~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-svn2cl\", rpm:\"subversion-svn2cl~1.6.11~15.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:37", "references": ["https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3187", "https://subversion.apache.org/security/CVE-2015-3184-advisory.txt", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3184", "https://subversion.apache.org/security/CVE-2015-3187-advisory.txt"], "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "1.9.0-1", "packageName": "subversion", "arch": "any", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "- CVE-2015-3184:\n\nSubversion's mod_authz_svn does not properly restrict anonymous access\nin some mixed anonymous/authenticated environments when using Apache\nhttpd 2.4. The result is that anonymous access may be possible to files\nfor which only authenticated access should be possible.\n\n- CVE-2015-3187:\n\nSubversion servers, both httpd and svnserve, will reveal some paths that\nshould be hidden by path-based authz. When a node is copied from an\nunreadable location to a readable location the unreadable path may be\nrevealed. This vulnerability only reveals the path, it does not reveal\nthe contents of the path.", "reporter": "Arch Linux", "published": "2015-08-14T00:00:00", "title": "subversion: authentication bypass", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "archlinux", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2015-08-14T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html", "id": "ASA-201508-5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2018-11-13T17:12:15", "references": ["http://subversion.apache.org/security/CVE-2015-3187-advisory.txt", "http://www.nessus.org/u?9e07d01c", "http://subversion.apache.org/security/CVE-2015-3184-advisory.txt"], "pluginID": "85257", "description": "Subversion reports :\n\nCVE-2015-3184 : Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4.\n\nCVE-2015-3187 : Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz.", "edition": 5, "reporter": "Tenable", "published": "2015-08-07T00:00:00", "title": "FreeBSD : subversion -- multiple vulnerabilities (57bb5e3d-3c4f-11e5-a4d4-001e8c75030d)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:subversion"], "id": "FREEBSD_PKG_57BB5E3D3C4F11E5A4D4001E8C75030D.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85257", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85257);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:44\");\n\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n\n script_name(english:\"FreeBSD : subversion -- multiple vulnerabilities (57bb5e3d-3c4f-11e5-a4d4-001e8c75030d)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion reports :\n\nCVE-2015-3184 : Subversion's mod_authz_svn does not properly restrict\nanonymous access in some mixed anonymous/authenticated environments\nwhen using Apache httpd 2.4.\n\nCVE-2015-3187 : Subversion servers, both httpd and svnserve, will\nreveal some paths that should be hidden by path-based authz.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2015-3184-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2015-3187-advisory.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/57bb5e3d-3c4f-11e5-a4d4-001e8c75030d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e07d01c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.8.0<1.8.14\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.7.0<1.7.21\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-11-13T16:53:09", "references": ["https://packages.debian.org/source/jessie/subversion", "https://packages.debian.org/source/wheezy/subversion", "https://security-tracker.debian.org/tracker/CVE-2015-3184", "https://www.debian.org/security/2015/dsa-3331", "https://security-tracker.debian.org/tracker/CVE-2015-3187"], "pluginID": "85354", "description": "Several security issues have been found in the server components of the version control system subversion.\n\n - CVE-2015-3184 Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible. This issue does not affect the oldstable distribution (wheezy) because it only contains Apache httpd 2.2.\n\n - CVE-2015-3187 Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz.\n When a node is copied from an unreadable location to a readable location the unreadable path may be revealed.\n This vulnerablity only reveals the path, it does not reveal the contents of the path.", "edition": 5, "reporter": "Tenable", "published": "2015-08-13T00:00:00", "title": "Debian DSA-3331-1 : subversion - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:subversion", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3331.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85354", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3331. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85354);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n script_xref(name:\"DSA\", value:\"3331\");\n\n script_name(english:\"Debian DSA-3331-1 : subversion - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues have been found in the server components of\nthe version control system subversion.\n\n - CVE-2015-3184\n Subversion's mod_authz_svn does not properly restrict\n anonymous access in some mixed anonymous/authenticated\n environments when using Apache httpd 2.4. The result is\n that anonymous access may be possible to files for which\n only authenticated access should be possible. This issue\n does not affect the oldstable distribution (wheezy)\n because it only contains Apache httpd 2.2.\n\n - CVE-2015-3187\n Subversion servers, both httpd and svnserve, will reveal\n some paths that should be hidden by path-based authz.\n When a node is copied from an unreadable location to a\n readable location the unreadable path may be revealed.\n This vulnerablity only reveals the path, it does not\n reveal the contents of the path.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3331\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the subversion packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.6.17dfsg-4+deb7u10.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 1.8.10-6+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-svn\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-dev\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-doc\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-java\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-perl\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-ruby\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn1\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-subversion\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"subversion\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"subversion-tools\", reference:\"1.6.17dfsg-4+deb7u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-svn\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-svn\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-dev\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-doc\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-java\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-perl\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn1\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-subversion\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-svn\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-dbg\", reference:\"1.8.10-6+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-tools\", reference:\"1.8.10-6+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:58:03", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=939514", "https://bugzilla.opensuse.org/show_bug.cgi?id=939517"], "pluginID": "85524", "description": "subversion was updated to version 1.8.14 to fix two security issues.\n\nThese security issues were fixed :\n\n - CVE-2015-3187: Information leak (only paths) that were hidden by path-based authz (bsc#939517).\n\n - CVE-2015-3184: Information leak in mixed anonymous/authenticated httpd (dav) configurations (bsc#939514).", "edition": 4, "reporter": "Tenable", "published": "2015-08-19T00:00:00", "title": "openSUSE Security Update : subversion (openSUSE-2015-549)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2015-08-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-python-ctypes", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:subversion-debuginfo"], "id": "OPENSUSE-2015-549.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85524", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-549.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85524);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2015/08/19 14:23:09 $\");\n\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2015-549)\");\n script_summary(english:\"Check for the openSUSE-2015-549 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"subversion was updated to version 1.8.14 to fix two security issues.\n\nThese security issues were fixed :\n\n - CVE-2015-3187: Information leak (only paths) that were\n hidden by path-based authz (bsc#939517).\n\n - CVE-2015-3184: Information leak in mixed\n anonymous/authenticated httpd (dav) configurations\n (bsc#939514).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=939514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=939517\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-ctypes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_kwallet-1-0-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-bash-completion-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-debugsource-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-devel-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-perl-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-perl-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-python-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-python-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-ruby-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-ruby-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-server-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-server-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-tools-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-tools-debuginfo-1.8.14-2.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_kwallet-1-0-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-bash-completion-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-debugsource-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-devel-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-perl-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-perl-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-ctypes-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-ruby-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-ruby-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-server-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-server-debuginfo-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-tools-1.8.14-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-tools-debuginfo-1.8.14-2.17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:41:01", "references": ["http://www.nessus.org/u?2a264ce9", "https://support.apple.com/en-ca/HT206172"], "pluginID": "90148", "description": "The version of Apple Xcode installed on the remote Mac OS X host is prior to 7.3. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists in Apache Subversion in mod_authz_svn due to a failure to properly restrict anonymous access. An unauthenticated, remote attacker can exploit this, via a crafted path name, to read hidden files. (CVE-2015-3184)\n\n - A flaw exists in Apache Subversion in the svn_repos_trace_node_locations() function that causes the first readable path to be returned when it encounters an unreadable path when following a node's history. An authenticated, remote attacker can exploit this to access paths that were intended to be hidden.\n (CVE-2015-3187)\n\n - Multiple unspecified memory corruption issues exist in otool due to improper validation of user-supplied input.\n A local attacker can exploit these to cause a denial of service or to execute arbitrary code. (CVE-2016-1765)", "edition": 6, "reporter": "Tenable", "published": "2016-03-24T00:00:00", "title": "Apple Xcode < 7.3 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2016-1765", "CVE-2015-3184"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:xcode"], "id": "MACOSX_XCODE_7_3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90148);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\n \"CVE-2015-3184\",\n \"CVE-2015-3187\",\n \"CVE-2016-1765\"\n );\n script_bugtraq_id(\n 76273,\n 76274\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-4\");\n\n script_name(english:\"Apple Xcode < 7.3 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Xcode.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Xcode installed on the remote Mac OS X host is\nprior to 7.3. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists in Apache Subversion in mod_authz_svn due\n to a failure to properly restrict anonymous access. An\n unauthenticated, remote attacker can exploit this, via a\n crafted path name, to read hidden files. (CVE-2015-3184)\n\n - A flaw exists in Apache Subversion in the\n svn_repos_trace_node_locations() function that causes\n the first readable path to be returned when it\n encounters an unreadable path when following a node's\n history. An authenticated, remote attacker can exploit\n this to access paths that were intended to be hidden.\n (CVE-2015-3187)\n\n - Multiple unspecified memory corruption issues exist in\n otool due to improper validation of user-supplied input.\n A local attacker can exploit these to cause a denial of\n service or to execute arbitrary code. (CVE-2016-1765)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-ca/HT206172\");\n # https://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2a264ce9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Xcode version 7.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2015/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\",value:\"local\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:apple:xcode\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_xcode_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Apple Xcode\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item_or_exit(\"Host/MacOSX/Version\");\n\n# Patch is only available for OS X 10.11 and later\nif (ereg(pattern:\"Mac OS X 10\\.([0-9]|10)(\\.|$)\", string:os))\n audit(AUDIT_OS_NOT, \"Mac OS X 10.11 or above\");\n\nappname = \"Apple Xcode\";\n\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\npath = install[\"path\"];\nver = install[\"version\"];\n\nfix = '7.3';\n\nif (ver_compare(ver:ver, fix:fix, strict:FALSE) == -1)\n{\n report_items = make_array(\n \"Path\", path,\n \"Installed version\", ver,\n \"Fixed version\", fix\n );\n order = make_list(\"Path\", \"Installed version\", \"Fixed version\");\n report = report_items_str(report_items:report_items, ordered_fields:order);\n security_report_v4(severity:SECURITY_HOLE, port:0, extra:report);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:43:20", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=958300", "https://bugzilla.opensuse.org/show_bug.cgi?id=939514", "https://bugzilla.opensuse.org/show_bug.cgi?id=939517"], "pluginID": "87624", "description": "This update fixes the following security issues :\n\n - CVE-2015-5343: Possible remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. (bsc#958300)\n\n - CVE-2015-3184: mod_authz_svn information leak information in mixed anonymous/authenticated httpd (dav) configurations (bsc#939514)\n\n - CVE-2015-3187: hidden paths leaked by path-based authz (bsc#939517)", "edition": 5, "reporter": "Tenable", "published": "2015-12-29T00:00:00", "title": "openSUSE Security Update : subversion (openSUSE-2015-949)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3187", "CVE-2015-5343", "CVE-2015-3184"], "modified": "2016-10-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-tools", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debuginfo"], "id": "OPENSUSE-2015-949.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87624", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-949.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87624);\n script_version(\"$Revision: 2.3 $\");\n script_cvs_date(\"$Date: 2016/10/13 14:27:27 $\");\n\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\", \"CVE-2015-5343\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2015-949)\");\n script_summary(english:\"Check for the openSUSE-2015-949 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - CVE-2015-5343: Possible remotely triggerable heap\n overflow and out-of-bounds read in mod_dav_svn caused by\n integer overflow when parsing skel-encoded request\n bodies. (bsc#958300)\n\n - CVE-2015-3184: mod_authz_svn information leak\n information in mixed anonymous/authenticated httpd (dav)\n configurations (bsc#939514)\n\n - CVE-2015-3187: hidden paths leaked by path-based authz\n (bsc#939517)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=939514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=939517\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958300\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_kwallet-1-0-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-bash-completion-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-debugsource-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-devel-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-perl-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-perl-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-python-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-python-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-ruby-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-ruby-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-server-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-server-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-tools-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-tools-debuginfo-1.8.10-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 8.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-11T13:07:01", "references": ["http://www.nessus.org/u?af0d0b99"], "pluginID": "86510", "description": "Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server (both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting these issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the original reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael Pilato of CollabNet as the original reporter of CVE-2015-3184 and CVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.", "edition": 7, "reporter": "Tenable", "published": "2015-10-22T00:00:00", "title": "CentOS 7 : subversion (CESA-2015:1742)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:subversion-devel", "p-cpe:/a:centos:centos:subversion-python", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:subversion-javahl", "p-cpe:/a:centos:centos:subversion-gnome", "p-cpe:/a:centos:centos:subversion-ruby", "p-cpe:/a:centos:centos:subversion-kde", "p-cpe:/a:centos:centos:mod_dav_svn", "p-cpe:/a:centos:centos:subversion-tools", "p-cpe:/a:centos:centos:subversion-libs", "p-cpe:/a:centos:centos:subversion", "p-cpe:/a:centos:centos:subversion-perl"], "id": "CENTOS_RHSA-2015-1742.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86510", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1742 and \n# CentOS Errata and Security Advisory 2015:1742 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86510);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n script_xref(name:\"RHSA\", value:\"2015:1742\");\n\n script_name(english:\"CentOS 7 : subversion (CESA-2015:1742)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated subversion packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server\nprocessed certain requests with dynamically evaluated revision\nnumbers. A remote attacker could use this flaw to cause the SVN server\n(both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain\nconfigurations when used with Apache httpd 2.4.x. This could allow a\nuser to anonymously access files in a Subversion repository, which\nshould only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create\nnew revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it\nwould disclose its location in the repository if that file or\ndirectory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for\nreporting these issues. Upstream acknowledges Evgeny Kotkov of\nVisualSVN as the original reporter of CVE-2015-0248 and CVE-2015-0251,\nand C. Michael Pilato of CollabNet as the original reporter of\nCVE-2015-3184 and CVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, for the update to take effect, you must restart\nthe httpd daemon, if you are using mod_dav_svn, and the svnserve\ndaemon, if you are serving Subversion repositories via the svn://\nprotocol.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-September/021377.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af0d0b99\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-devel-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-gnome-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-javahl-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-kde-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-libs-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-perl-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-python-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-ruby-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"subversion-tools-1.7.14-7.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:06:41", "references": ["https://subversion.apache.org/security/CVE-2015-0248-advisory.txt", "https://access.redhat.com/security/cve/cve-2015-0248", "https://subversion.apache.org/security/CVE-2015-0251-advisory.txt", "https://access.redhat.com/security/cve/cve-2015-3184", "https://access.redhat.com/security/cve/cve-2015-3187", "https://access.redhat.com/security/cve/cve-2015-0251", "https://subversion.apache.org/security/CVE-2015-3184-advisory.txt", "https://access.redhat.com/errata/RHSA-2015:1742", "https://subversion.apache.org/security/CVE-2015-3187-advisory.txt"], "pluginID": "85978", "description": "Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server (both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting these issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the original reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael Pilato of CollabNet as the original reporter of CVE-2015-3184 and CVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.", "edition": 9, "reporter": "Tenable", "published": "2015-09-17T00:00:00", "title": "RHEL 7 : subversion (RHSA-2015:1742)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:subversion-ruby", "p-cpe:/a:redhat:enterprise_linux:subversion", "p-cpe:/a:redhat:enterprise_linux:subversion-tools", "p-cpe:/a:redhat:enterprise_linux:mod_dav_svn", "p-cpe:/a:redhat:enterprise_linux:subversion-perl", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:subversion-gnome", "p-cpe:/a:redhat:enterprise_linux:subversion-javahl", "cpe:/o:redhat:enterprise_linux:7.1", "p-cpe:/a:redhat:enterprise_linux:subversion-python", "p-cpe:/a:redhat:enterprise_linux:subversion-debuginfo", "p-cpe:/a:redhat:enterprise_linux:subversion-devel", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:subversion-kde", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:subversion-libs"], "id": "REDHAT-RHSA-2015-1742.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85978", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1742. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85978);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:54\");\n\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n script_xref(name:\"RHSA\", value:\"2015:1742\");\n\n script_name(english:\"RHEL 7 : subversion (RHSA-2015:1742)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated subversion packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server\nprocessed certain requests with dynamically evaluated revision\nnumbers. A remote attacker could use this flaw to cause the SVN server\n(both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain\nconfigurations when used with Apache httpd 2.4.x. This could allow a\nuser to anonymously access files in a Subversion repository, which\nshould only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create\nnew revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it\nwould disclose its location in the repository if that file or\ndirectory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for\nreporting these issues. Upstream acknowledges Evgeny Kotkov of\nVisualSVN as the original reporter of CVE-2015-0248 and CVE-2015-0251,\nand C. Michael Pilato of CollabNet as the original reporter of\nCVE-2015-3184 and CVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, for the update to take effect, you must restart\nthe httpd daemon, if you are using mod_dav_svn, and the svnserve\ndaemon, if you are serving Subversion repositories via the svn://\nprotocol.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://subversion.apache.org/security/CVE-2015-0248-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://subversion.apache.org/security/CVE-2015-3184-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://subversion.apache.org/security/CVE-2015-0251-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://subversion.apache.org/security/CVE-2015-3187-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3184\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1742\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"mod_dav_svn-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-debuginfo-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-devel-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-gnome-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-javahl-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-kde-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-libs-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-perl-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"subversion-python-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"subversion-python-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"subversion-ruby-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"subversion-tools-1.7.14-7.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"subversion-tools-1.7.14-7.el7_1.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / subversion / subversion-debuginfo / subversion-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:56:20", "references": ["https://oss.oracle.com/pipermail/el-errata/2015-September/005391.html"], "pluginID": "85865", "description": "From Red Hat Security Advisory 2015:1742 :\n\nUpdated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server (both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting these issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the original reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael Pilato of CollabNet as the original reporter of CVE-2015-3184 and CVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.", "edition": 5, "reporter": "Tenable", "published": "2015-09-09T00:00:00", "title": "Oracle Linux 7 : subversion (ELSA-2015-1742)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2018-07-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:subversion-kde", "p-cpe:/a:oracle:linux:subversion-libs", "p-cpe:/a:oracle:linux:subversion-javahl", "p-cpe:/a:oracle:linux:subversion-ruby", "p-cpe:/a:oracle:linux:subversion-python", "p-cpe:/a:oracle:linux:subversion-perl", "p-cpe:/a:oracle:linux:subversion-tools", "p-cpe:/a:oracle:linux:subversion", "p-cpe:/a:oracle:linux:mod_dav_svn", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:subversion-devel", "p-cpe:/a:oracle:linux:subversion-gnome"], "id": "ORACLELINUX_ELSA-2015-1742.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85865", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1742 and \n# Oracle Linux Security Advisory ELSA-2015-1742 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85865);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/07/18 17:43:58\");\n\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n script_xref(name:\"RHSA\", value:\"2015:1742\");\n\n script_name(english:\"Oracle Linux 7 : subversion (ELSA-2015-1742)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1742 :\n\nUpdated subversion packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server\nprocessed certain requests with dynamically evaluated revision\nnumbers. A remote attacker could use this flaw to cause the SVN server\n(both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain\nconfigurations when used with Apache httpd 2.4.x. This could allow a\nuser to anonymously access files in a Subversion repository, which\nshould only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create\nnew revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it\nwould disclose its location in the repository if that file or\ndirectory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for\nreporting these issues. Upstream acknowledges Evgeny Kotkov of\nVisualSVN as the original reporter of CVE-2015-0248 and CVE-2015-0251,\nand C. Michael Pilato of CollabNet as the original reporter of\nCVE-2015-3184 and CVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, for the update to take effect, you must restart\nthe httpd daemon, if you are using mod_dav_svn, and the svnserve\ndaemon, if you are serving Subversion repositories via the svn://\nprotocol.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-September/005391.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-devel-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-gnome-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-javahl-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-kde-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-libs-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-perl-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-python-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-ruby-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"subversion-tools-1.7.14-7.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / subversion / subversion-devel / subversion-gnome / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:32", "references": ["http://www.nessus.org/u?3be87462"], "pluginID": "85867", "description": "An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server (both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nAfter installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.", "edition": 4, "reporter": "Tenable", "published": "2015-09-09T00:00:00", "title": "Scientific Linux Security Update : subversion on SL7.x x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2015-09-09T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150908_SUBVERSION_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85867", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85867);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2015/09/09 14:39:26 $\");\n\n script_cve_id(\"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\");\n\n script_name(english:\"Scientific Linux Security Update : subversion on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An assertion failure flaw was found in the way the SVN server\nprocessed certain requests with dynamically evaluated revision\nnumbers. A remote attacker could use this flaw to cause the SVN server\n(both svnserve and httpd with the mod_dav_svn module) to crash.\n(CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain\nconfigurations when used with Apache httpd 2.4.x. This could allow a\nuser to anonymously access files in a Subversion repository, which\nshould only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create\nnew revisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it\nwould disclose its location in the repository if that file or\ndirectory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nAfter installing the updated packages, for the update to take effect,\nyou must restart the httpd daemon, if you are using mod_dav_svn, and\nthe svnserve daemon, if you are serving Subversion repositories via\nthe svn:// protocol.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1509&L=scientific-linux-errata&F=&S=&P=10618\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3be87462\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-debuginfo-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-devel-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-gnome-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-javahl-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-kde-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-libs-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-perl-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-python-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-ruby-1.7.14-7.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"subversion-tools-1.7.14-7.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:47:59", "references": ["https://alas.aws.amazon.com/ALAS-2016-676.html"], "pluginID": "90269", "description": "It was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nAn integer overflow was discovered allowing remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read. (CVE-2015-5259)\n\nIt was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module was vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies, allowing an attacker with write access to a repository to cause a denial of service attack (on 32-bit or 64-bit servers) or possibly execute arbitrary code (on 32-bit servers only) under the context of the httpd process. (CVE-2015-5343)", "edition": 6, "reporter": "Tenable", "published": "2016-04-01T00:00:00", "title": "Amazon Linux AMI : mod_dav_svn / subversion (ALAS-2016-676)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5259", "CVE-2015-3187", "CVE-2015-5343", "CVE-2015-3184"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod_dav_svn", "p-cpe:/a:amazon:linux:subversion-debuginfo", "p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo", "p-cpe:/a:amazon:linux:subversion-devel", "p-cpe:/a:amazon:linux:subversion-libs", "p-cpe:/a:amazon:linux:subversion-python26", "p-cpe:/a:amazon:linux:subversion-perl", "p-cpe:/a:amazon:linux:subversion-ruby", "p-cpe:/a:amazon:linux:subversion", "p-cpe:/a:amazon:linux:subversion-javahl", "p-cpe:/a:amazon:linux:mod24_dav_svn", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:subversion-python27", "p-cpe:/a:amazon:linux:subversion-tools"], "id": "ALA_ALAS-2016-676.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90269", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-676.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90269);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\", \"CVE-2015-5259\", \"CVE-2015-5343\");\n script_xref(name:\"ALAS\", value:\"2016-676\");\n\n script_name(english:\"Amazon Linux AMI : mod_dav_svn / subversion (ALAS-2016-676)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it\nwould disclose its location in the repository if that file or\ndirectory was not readable (for example, if it had been moved).\n(CVE-2015-3187)\n\nAn integer overflow was discovered allowing remote attackers to\nexecute arbitrary code via an svn:// protocol string, which triggers a\nheap-based buffer overflow and an out-of-bounds read. (CVE-2015-5259)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain\nconfigurations when used with Apache httpd 2.4.x. This could allow a\nuser to anonymously access files in a Subversion repository, which\nshould only be accessible to authenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module was vulnerable to a remotely\ntriggerable heap-based buffer overflow and out-of-bounds read caused\nby an integer overflow when parsing skel-encoded request bodies,\nallowing an attacker with write access to a repository to cause a\ndenial of service attack (on 32-bit or 64-bit servers) or possibly\nexecute arbitrary code (on 32-bit servers only) under the context of\nthe httpd process. (CVE-2015-5343)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-676.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update mod_dav_svn' to update your system.\n\nRun 'yum update subversion' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod24_dav_svn-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-1.8.15-1.52.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-debuginfo-1.8.15-1.52.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-debuginfo-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-devel-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-javahl-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-libs-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-perl-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python26-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python27-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-ruby-1.8.15-1.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-tools-1.8.15-1.54.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod24_dav_svn / mod_dav_svn / mod_dav_svn-debuginfo / subversion / etc\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:36", "references": ["http://subversion.apache.org/security/CVE-2015-3187-advisory.txt", "http://subversion.apache.org/security/CVE-2015-3184-advisory.txt"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.8.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "subversion", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.8.14", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "subversion", "operator": "lt"}], "description": "\nSubversion reports:\n\nCVE-2015-3184:\n\t Subversion's mod_authz_svn does not properly restrict anonymous access\n\t in some mixed anonymous/authenticated environments when\n\t using Apache httpd 2.4.\nCVE-2015-3187:\n\t Subversion servers, both httpd and svnserve, will reveal some\n\t paths that should be hidden by path-based authz.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2015-07-27T00:00:00", "title": "subversion -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-3187", "CVE-2015-3184"], "modified": "2015-07-27T00:00:00", "id": "57BB5E3D-3C4F-11E5-A4D4-001E8C75030D", "href": "https://vuxml.freebsd.org/freebsd/57bb5e3d-3c4f-11e5-a4d4-001e8c75030d.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "f5": [{"lastseen": "2017-06-08T00:16:29", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned ID 552888 to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | \nNone \n| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| \n \nNone \n \nBIG-IP AAM | None | 12.0.0 \n11.4.0 - 11.6.0 \n| Not vulnerable \n| None \n \nBIG-IP AFM | None | 12.0.0 \n11.3.0 - 11.6.0 \n| Not vulnerable \n| None \n \nBIG-IP Analytics | None | 12.0.0 \n11.0.0 - 11.6.0 \n| Not vulnerable \n| None \n \nBIG-IP APM | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP ASM | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP DNS \n| None | 12.0.0 \n| Not vulnerable \n| None \n \nBIG-IP Edge Gateway \n| None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP GTM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP Link Controller | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP PEM | None | 12.0.0 \n11.3.0 - 11.6.0 \n| Not vulnerable \n| None \n \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nARX | None | 6.0.0 - 6.4.0 \n| Not vulnerable \n| None \n \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n| Not vulnerable \n| None \n \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| Not vulnerable \n| None \n \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 \n| Not vulnerable \n| None \n \nBIG-IQ Device | None | 4.2.0 - 4.5.0 \n| Not vulnerable \n| None \n \nBIG-IQ Security | None | 4.0.0 - 4.5.0 \n| Not vulnerable \n| None \n \nBIG-IQ ADC | None | 4.5.0 \n| Not vulnerable \n| None \n \nLineRate | None | 2.5.0 - 2.6.1 \n| Not vulnerable \n| None \n \nF5 WebSafe | None | 1.0.0 \n| Not vulnerable \n| None \n \nTraffix SDC | None | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 \n| Not vulnerable \n| None \n\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "reporter": "f5", "published": "2015-10-17T01:23:00", "title": "Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251"], "modified": "2016-01-09T02:32:00", "id": "F5:K17453", "href": "https://support.f5.com/csp/article/K17453", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:58", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2015-10-16T00:00:00", "title": "SOL17453 - Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251"], "modified": "2015-10-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/400/sol17453.html", "id": "SOL17453", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:26:17", "references": ["https://rhn.redhat.com/errata/RHSA-2015-1742.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-perl-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-perl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-gnome-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-gnome", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-javahl-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-javahl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-ruby-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-ruby", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-python-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-python", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-kde-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-kde", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-gnome-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-gnome", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-devel-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-devel-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "mod_dav_svn-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "mod_dav_svn", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-libs-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-libs", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-1.7.14-7.el7_1.1.src.rpm", "packageName": "subversion", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-javahl-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-javahl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-libs-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-tools-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-kde-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-kde", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-perl-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-perl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "packageFilename": "subversion-ruby-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-ruby", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:1742\n\n\nSubversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain configurations\nwhen used with Apache httpd 2.4.x. This could allow a user to anonymously\naccess files in a Subversion repository, which should only be accessible to\nauthenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael\nPilato of CollabNet as the original reporter of CVE-2015-3184 and\nCVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-September/021377.html\n\n**Affected packages:**\nmod_dav_svn\nsubversion\nsubversion-devel\nsubversion-gnome\nsubversion-javahl\nsubversion-kde\nsubversion-libs\nsubversion-perl\nsubversion-python\nsubversion-ruby\nsubversion-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1742.html", "edition": 1, "reporter": "CentOS Project", "published": "2015-09-08T21:07:49", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "mod_dav_svn, subversion security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2015-09-08T21:07:49", "href": "http://lists.centos.org/pipermail/centos-announce/2015-September/021377.html", "id": "CESA-2015:1742", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:25:25", "references": ["https://rhn.redhat.com/errata/RHSA-2015-1633.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-perl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-perl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-perl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-perl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-javahl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-javahl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-javahl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-javahl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-javahl-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-javahl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-kde-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-kde", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-kde-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-kde", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-gnome-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-gnome", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-gnome-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-gnome", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "mod_dav_svn-1.6.11-15.el6_7.i686.rpm", "packageName": "mod_dav_svn", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-devel-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-devel-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-svn2cl-1.6.11-15.el6_7.noarch.rpm", "packageName": "subversion-svn2cl", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-svn2cl-1.6.11-15.el6_7.noarch.rpm", "packageName": "subversion-svn2cl", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-devel-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "mod_dav_svn-1.6.11-15.el6_7.x86_64.rpm", "packageName": "mod_dav_svn", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-ruby-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-ruby", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-perl-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-perl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-gnome-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-gnome", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-kde-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-kde", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-1.6.11-15.el6_7.src.rpm", "packageName": "subversion", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-ruby-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-ruby", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "packageFilename": "subversion-ruby-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-ruby", "arch": "i686", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:1633\n\n\nSubversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes.\nThe mod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael Pilato\nof CollabNet as the original reporter of CVE-2015-3187.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-August/021333.html\n\n**Affected packages:**\nmod_dav_svn\nsubversion\nsubversion-devel\nsubversion-gnome\nsubversion-javahl\nsubversion-kde\nsubversion-perl\nsubversion-ruby\nsubversion-svn2cl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1633.html", "edition": 1, "reporter": "CentOS Project", "published": "2015-08-17T15:33:54", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "mod_dav_svn, subversion security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251"], "modified": "2015-08-17T15:33:54", "href": "http://lists.centos.org/pipermail/centos-announce/2015-August/021333.html", "id": "CESA-2015:1633", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:49:25", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-javahl-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-python-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-perl-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "mod_dav_svn-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "mod_dav_svn", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-perl-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-libs-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-kde-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-devel-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-libs-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-tools-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "src", "packageFilename": "subversion-1.7.14-7.el7_1.1.src.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-javahl-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-gnome-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-kde-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-devel-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-gnome-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageFilename": "subversion-ruby-1.7.14-7.el7_1.1.x86_64.rpm", "packageName": "subversion-ruby", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "i686", "packageFilename": "subversion-ruby-1.7.14-7.el7_1.1.i686.rpm", "packageName": "subversion-ruby", "operator": "lt"}], "description": "[1.7.14-7.1]\n- add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3184,\n CVE-2015-3187", "edition": 3, "reporter": "Oracle", "published": "2015-09-08T00:00:00", "title": "subversion security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-3184"], "modified": "2015-09-08T00:00:00", "id": "ELSA-2015-1742", "href": "http://linux.oracle.com/errata/ELSA-2015-1742.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:42:42", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-javahl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-javahl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-devel-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-devel-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "noarch", "packageFilename": "subversion-svn2cl-1.6.11-15.el6_7.noarch.rpm", "packageName": "subversion-svn2cl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "noarch", "packageFilename": "subversion-svn2cl-1.6.11-15.el6_7.noarch.rpm", "packageName": "subversion-svn2cl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-perl-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-devel-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-kde-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "mod_dav_svn-1.6.11-15.el6_7.i686.rpm", "packageName": "mod_dav_svn", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-javahl-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-perl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-perl-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-gnome-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-kde-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-kde-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "subversion-ruby-1.6.11-15.el6_7.x86_64.rpm", "packageName": "subversion-ruby", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "src", "packageFilename": "subversion-1.6.11-15.el6_7.src.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "src", "packageFilename": "subversion-1.6.11-15.el6_7.src.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-gnome-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-gnome-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-ruby-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-ruby", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "i686", "packageFilename": "subversion-ruby-1.6.11-15.el6_7.i686.rpm", "packageName": "subversion-ruby", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageFilename": "mod_dav_svn-1.6.11-15.el6_7.x86_64.rpm", "packageName": "mod_dav_svn", "operator": "lt"}], "description": "[1.6.11-15]\n- add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3187", "edition": 3, "reporter": "Oracle", "published": "2015-08-17T00:00:00", "title": "subversion security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251"], "modified": "2015-08-17T00:00:00", "id": "ELSA-2015-1633", "href": "http://linux.oracle.com/errata/ELSA-2015-1633.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:16", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "mod24_dav_svn-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "mod24_dav_svn", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-tools-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-python26-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-python26", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-devel-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-javahl-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.52.amzn1", "arch": "x86_64", "packageFilename": "mod_dav_svn-1.8.15-1.52.amzn1.x86_64.rpm", "packageName": "mod_dav_svn", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.52.amzn1", "arch": "i686", "packageFilename": "mod_dav_svn-debuginfo-1.8.15-1.52.amzn1.i686.rpm", "packageName": "mod_dav_svn-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.52.amzn1", "arch": "i686", "packageFilename": "mod_dav_svn-1.8.15-1.52.amzn1.i686.rpm", "packageName": "mod_dav_svn", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-python26-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-python26", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-libs-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-python27-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-python27", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "src", "packageFilename": "subversion-1.8.15-1.54.amzn1.src.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-python27-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-python27", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-javahl-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-javahl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-perl-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-devel-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-debuginfo-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-perl-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-perl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "mod24_dav_svn-1.8.15-1.54.amzn1.i686.rpm", "packageName": "mod24_dav_svn", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-debuginfo-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-libs-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.52.amzn1", "arch": "x86_64", "packageFilename": "mod_dav_svn-debuginfo-1.8.15-1.52.amzn1.x86_64.rpm", "packageName": "mod_dav_svn-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-tools-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "x86_64", "packageFilename": "subversion-ruby-1.8.15-1.54.amzn1.x86_64.rpm", "packageName": "subversion-ruby", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.52.amzn1", "arch": "src", "packageFilename": "mod_dav_svn-1.8.15-1.52.amzn1.src.rpm", "packageName": "mod_dav_svn", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.8.15-1.54.amzn1", "arch": "i686", "packageFilename": "subversion-ruby-1.8.15-1.54.amzn1.i686.rpm", "packageName": "subversion-ruby", "operator": "lt"}], "description": "**Issue Overview:**\n\nIt was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved). ([CVE-2015-3187 __](<https://access.redhat.com/security/cve/CVE-2015-3187>))\n\nAn integer overflow was discovered allowing remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read. ([CVE-2015-5259 __](<https://access.redhat.com/security/cve/CVE-2015-5259>))\n\nIt was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users. ([CVE-2015-3184 __](<https://access.redhat.com/security/cve/CVE-2015-3184>))\n\nIt was found that the mod_dav_svn module was vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies, allowing an attacker with write access to a repository to cause a denial of service attack (on 32-bit or 64-bit servers) or possibly execute arbitrary code (on 32-bit servers only) under the context of the httpd process. ([CVE-2015-5343 __](<https://access.redhat.com/security/cve/CVE-2015-5343>))\n\n \n**Affected Packages:** \n\n\nmod_dav_svn,subversion\n\n \n**Issue Correction:** \nRun _yum update mod_dav_svn_ to update your system. \nRun _yum update subversion_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n mod_dav_svn-1.8.15-1.52.amzn1.i686 \n mod_dav_svn-debuginfo-1.8.15-1.52.amzn1.i686 \n mod24_dav_svn-1.8.15-1.54.amzn1.i686 \n subversion-tools-1.8.15-1.54.amzn1.i686 \n subversion-1.8.15-1.54.amzn1.i686 \n subversion-python27-1.8.15-1.54.amzn1.i686 \n subversion-javahl-1.8.15-1.54.amzn1.i686 \n subversion-ruby-1.8.15-1.54.amzn1.i686 \n subversion-perl-1.8.15-1.54.amzn1.i686 \n subversion-debuginfo-1.8.15-1.54.amzn1.i686 \n subversion-devel-1.8.15-1.54.amzn1.i686 \n subversion-libs-1.8.15-1.54.amzn1.i686 \n subversion-python26-1.8.15-1.54.amzn1.i686 \n \n src: \n mod_dav_svn-1.8.15-1.52.amzn1.src \n subversion-1.8.15-1.54.amzn1.src \n \n x86_64: \n mod_dav_svn-1.8.15-1.52.amzn1.x86_64 \n mod_dav_svn-debuginfo-1.8.15-1.52.amzn1.x86_64 \n subversion-debuginfo-1.8.15-1.54.amzn1.x86_64 \n subversion-devel-1.8.15-1.54.amzn1.x86_64 \n subversion-libs-1.8.15-1.54.amzn1.x86_64 \n subversion-javahl-1.8.15-1.54.amzn1.x86_64 \n subversion-tools-1.8.15-1.54.amzn1.x86_64 \n mod24_dav_svn-1.8.15-1.54.amzn1.x86_64 \n subversion-python26-1.8.15-1.54.amzn1.x86_64 \n subversion-python27-1.8.15-1.54.amzn1.x86_64 \n subversion-ruby-1.8.15-1.54.amzn1.x86_64 \n subversion-1.8.15-1.54.amzn1.x86_64 \n subversion-perl-1.8.15-1.54.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2016-03-29T15:30:00", "title": "Important: mod_dav_svn,subversion", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:16", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-5259", "CVE-2015-3187", "CVE-2015-5343", "CVE-2015-3184"], "modified": "2016-03-29T15:30:00", "id": "ALAS-2016-676", "href": "https://alas.aws.amazon.com/ALAS-2016-676.html", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:41:09", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.7.14-7.el7_1.1", "arch": "x86_64", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.7.14-7.el7_1.1.x86_64.rpm", "operator": "lt"}], "description": "Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_authz_svn module did not properly restrict\nanonymous access to Subversion repositories under certain configurations\nwhen used with Apache httpd 2.4.x. This could allow a user to anonymously\naccess files in a Subversion repository, which should only be accessible to\nauthenticated users. (CVE-2015-3184)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael\nPilato of CollabNet as the original reporter of CVE-2015-3184 and\nCVE-2015-3187 flaws.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\n", "reporter": "RedHat", "published": "2015-09-08T04:00:00", "type": "redhat", "title": "(RHSA-2015:1742) Moderate: subversion security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-0251", "CVE-2015-3184", "CVE-2015-3187"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:33:29", "id": "RHSA-2015:1742", "href": "https://access.redhat.com/errata/RHSA-2015:1742", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:43:15", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.6.11-15.el6_7", "arch": "x86_64", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.6.11-15.el6_7.x86_64.rpm", "operator": "lt"}], "description": "Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes.\nThe mod_dav_svn module is used with the Apache HTTP Server to allow access\nto Subversion repositories via HTTP.\n\nAn assertion failure flaw was found in the way the SVN server processed\ncertain requests with dynamically evaluated revision numbers. A remote\nattacker could use this flaw to cause the SVN server (both svnserve and\nhttpd with the mod_dav_svn module) to crash. (CVE-2015-0248)\n\nIt was found that the mod_dav_svn module did not properly validate the\nsvn:author property of certain requests. An attacker able to create new\nrevisions could use this flaw to spoof the svn:author property.\n(CVE-2015-0251)\n\nIt was found that when an SVN server (both svnserve and httpd with the\nmod_dav_svn module) searched the history of a file or a directory, it would\ndisclose its location in the repository if that file or directory was not\nreadable (for example, if it had been moved). (CVE-2015-3187)\n\nRed Hat would like to thank the Apache Software Foundation for reporting\nthese issues. Upstream acknowledges Evgeny Kotkov of VisualSVN as the\noriginal reporter of CVE-2015-0248 and CVE-2015-0251, and C. Michael Pilato\nof CollabNet as the original reporter of CVE-2015-3187.\n\nAll subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, for the update to take effect, you must restart the httpd\ndaemon, if you are using mod_dav_svn, and the svnserve daemon, if you are\nserving Subversion repositories via the svn:// protocol.\n", "reporter": "RedHat", "published": "2015-08-17T04:00:00", "type": "redhat", "title": "(RHSA-2015:1633) Moderate: subversion security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-0251", "CVE-2015-3187"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:36", "id": "RHSA-2015:1633", "href": "https://access.redhat.com/errata/RHSA-2015:1633", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:54", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8108", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-3184", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-3187", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-0202", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3580", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-0251", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-0248"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "15.04", "packageVersion": "1.8.10-5ubuntu1.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-svn", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "1.6.17dfsg-3ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsvn1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "1.6.17dfsg-3ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-svn", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.8.8-1ubuntu3.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-svn", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.8.8-1ubuntu3.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsvn1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "15.04", "packageVersion": "1.8.10-5ubuntu1.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libsvn1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "15.04", "packageVersion": "1.8.10-5ubuntu1.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "subversion", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "1.6.17dfsg-3ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "subversion", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.8.8-1ubuntu3.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "subversion", "operator": "lt"}], "description": "It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3580)\n\nIt was discovered that the Subversion mod_dav_svn module incorrectly handled requests requiring a lookup for a virtual transaction name that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8108)\n\nEvgeny Kotkov discovered that the Subversion mod_dav_svn module incorrectly handled large numbers of REPORT requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-0202)\n\nEvgeny Kotkov discovered that the Subversion mod_dav_svn and svnserve modules incorrectly certain crafted parameter combinations. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2015-0248)\n\nIvan Zhakov discovered that the Subversion mod_dav_svn module incorrectly handled crafted v1 HTTP protocol request sequences. A remote attacker could use this issue to spoof the svn:author property. (CVE-2015-0251)\n\nC. Michael Pilato discovered that the Subversion mod_dav_svn module incorrectly restricted anonymous access. A remote attacker could use this issue to read hidden files via the path name. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3184)\n\nC. Michael Pilato discovered that Subversion incorrectly handled path-based authorization. A remote attacker could use this issue to obtain sensitive path information. (CVE-2015-3187)", "edition": 3, "reporter": "Ubuntu", "published": "2015-08-20T00:00:00", "title": "Subversion vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-0202", "CVE-2015-3184", "CVE-2014-3580", "CVE-2014-8108"], "modified": "2015-08-20T00:00:00", "id": "USN-2721-1", "href": "https://usn.ubuntu.com/2721-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2017-08-17T17:07:39", "references": ["https://bugzilla.suse.com/1026936", "https://bugzilla.suse.com/909935", "https://bugzilla.suse.com/969159", "https://bugzilla.suse.com/923794", "https://bugzilla.suse.com/939517", "https://bugzilla.suse.com/976850", "https://bugzilla.suse.com/911620", "https://bugzilla.suse.com/958300", "https://bugzilla.suse.com/1051362", "https://bugzilla.suse.com/977424", "https://bugzilla.suse.com/1011552", "https://bugzilla.suse.com/976849", "https://bugzilla.suse.com/942819", "https://bugzilla.suse.com/897033", "https://bugzilla.suse.com/923793", "https://bugzilla.suse.com/923795", "https://bugzilla.suse.com/916286", "https://bugzilla.suse.com/983938", "https://bugzilla.suse.com/939514"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "noarch", "packageName": "subversion-bash-completion", "packageFilename": "subversion-bash-completion-1.8.19-25.3.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "noarch", "packageName": "subversion-bash-completion", "packageFilename": "subversion-bash-completion-1.8.19-25.3.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-debuginfo", "packageFilename": "subversion-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-tools-debuginfo", "packageFilename": "subversion-tools-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-server", "packageFilename": "subversion-server-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-devel", "packageFilename": "subversion-devel-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-perl", "packageFilename": "subversion-perl-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "libsvn_auth_gnome_keyring-1-0", "packageFilename": "libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-server-debuginfo", "packageFilename": "subversion-server-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "subversion-python", "packageFilename": "subversion-python-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-tools", "packageFilename": "subversion-tools-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-python-debuginfo", "packageFilename": "subversion-python-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "ppc64le", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "x86_64", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "libsvn_auth_gnome_keyring-1-0-debuginfo", "packageFilename": "libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.3", "packageVersion": "1.8.19-25.3.1", "arch": "s390x", "packageName": "subversion-perl-debuginfo", "packageFilename": "subversion-perl-debuginfo-1.8.19-25.3.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion", "packageFilename": "subversion-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "1.8.19-25.3.1", "arch": "aarch64", "packageName": "subversion-debugsource", "packageFilename": "subversion-debugsource-1.8.19-25.3.1.aarch64.rpm", "operator": "lt"}], "description": "This update for subversion fixes the following issues:\n\n\n - CVE-2017-9800: A malicious, compromised server or MITM may cause svn\n client to execute arbitrary commands by sending repository content with\n svn:externals definitions pointing to crafted svn+ssh URLs. (bsc#1051362)\n\n - Malicious user may commit SHA-1 collisions and cause repository\n inconsistencies (bsc#1026936)\n\n - CVE-2016-8734: Unrestricted XML entity expansion in mod_dontdothat and\n Subversion clients using http(s):// could lead to denial of service\n (bsc#1011552)\n\n - CVE-2016-2167: svnserve/sasl may authenticate users using the wrong\n realm (bsc#976849)\n\n - CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn\n during COPY/MOVE authorization check (bsc#976850)\n\n - mod_authz_svn: fix authz with mod_auth_kerb/mod_auth_ntlm (bsc#977424)\n\n - make the subversion package conflict with KWallet and Gnome Keyring\n packages with do not require matching subversion versions in SLE 12 and\n openSUSE Leap 42.1 and thus break the main package upon partial upgrade.\n (bsc#969159)\n\n - CVE-2015-5343: Remotely triggerable heap overflow and out-of-bounds read\n in mod_dav_svn caused by integer overflow when parsing skel-encoded\n request bodies. (bsc#958300)\n\n - Avoid recommending 180+ new pkgs for installation on minimal setup due\n subversion-password-store (bsc#942819)\n\n - CVE-2015-3184: mod_authz_svn: mixed anonymous/authenticated httpd (dav)\n configurations could lead to information leak (bsc#939514)\n\n - CVE-2015-3187: do not leak paths that were hidden by path-based authz\n (bsc#939517)\n\n - CVE-2015-0202: Subversion HTTP servers with FSFS repositories were\n vulnerable to a remotely triggerable excessive memory use with certain\n REPORT requests. (bsc#923793)\n\n - CVE-2015-0248: Subversion mod_dav_svn and svnserve were vulnerable to a\n remotely triggerable assertion DoS vulnerability for certain requests\n with dynamically evaluated revision numbers. (bsc#923794)\n\n - CVE-2015-0251: Subversion HTTP servers allow spoofing svn:author\n property values for new revisions (bsc#923795)\n\n - fix sample configuration comments in subversion.conf (bsc#916286)\n\n - fix sysconfig file generation (bsc#911620)\n\n - CVE-2014-3580: mod_dav_svn invalid REPORT requests could lead to denial\n of service (bsc#909935)\n\n - CVE-2014-8108: mod_dav_svn use of invalid transaction names could lead\n to denial of service (bsc#909935)\n\n - INSTALL#SQLite says 'Subversion 1.8 requires SQLite version 3.7.12 or\n above'; therefore I lowered the sqlite requirement to make the\n subversion run on\n older system versions, tooi. [bsc#897033]\n\n", "edition": 1, "reporter": "Suse", "published": "2017-08-17T12:10:12", "title": "Security update for subversion (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-2168", "CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-0202", "CVE-2016-2167", "CVE-2015-5343", "CVE-2016-8734", "CVE-2017-9800", "CVE-2015-3184", "CVE-2014-3580", "CVE-2014-8108"], "modified": "2017-08-17T12:10:12", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-08/msg00055.html", "id": "SUSE-SU-2017:2200-1", "cvss": {"score": 8.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-10-11T12:54:23", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3522", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5259", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0032", "https://bugs.gentoo.org/show_bug.cgi?id=586046", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0248", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2168", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3184", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0202", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3504", "https://bugs.gentoo.org/show_bug.cgi?id=545348", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0251", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2167", "https://bugs.gentoo.org/show_bug.cgi?id=567810", "https://bugs.gentoo.org/show_bug.cgi?id=581448", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3528", "https://bugs.gentoo.org/show_bug.cgi?id=518716", "https://bugs.gentoo.org/show_bug.cgi?id=500482", "https://bugs.gentoo.org/show_bug.cgi?id=519202", "https://bugs.gentoo.org/show_bug.cgi?id=556076", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3187"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.9.4", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-vcs/subversion", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.3.7", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "net-libs/serf", "operator": "lt"}], "edition": 1, "description": "### Background\n\nSubversion is a version control system intended to eventually replace CVS. Like CVS, it has an optional client-server architecture (where the server can be an Apache server running mod_svn, or an ssh program as in CVS\u2019s :ext: method). In addition to supporting the features found in CVS, Subversion also provides support for moving and copying files and directories. \n\nThe serf library is a high performance C-based HTTP client library built upon the Apache Portable Runtime (APR) library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Subversion and Serf. Please review the CVE identifiers referenced below for details \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, conduct a man-in-the-middle attack, obtain sensitive information, or cause a Denial of Service Condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Subversion users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/subversion-1.9.4\"\n \n\nAll Serf users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/serf-1.3.7\"", "reporter": "Gentoo Foundation", "published": "2016-10-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Subversion, Serf: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3504", "CVE-2015-5259", "CVE-2016-2168", "CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2014-0032", "CVE-2015-0202", "CVE-2016-2167", "CVE-2014-3522", "CVE-2015-3184", "CVE-2014-3528"], "modified": "2016-10-11T00:00:00", "id": "GLSA-201610-05", "href": "https://security.gentoo.org/glsa/201610-05", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}]}
