Lucene search
Copyright (C) 2009 E-Soft Inc.OPENVAS:136141256231063551HistoryMar 13, 2009 - 12:00 a.m.
Gentoo Security Advisory GLSA 200903-20 (websvn)
2009-03-1300:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
10
6.5 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.6%
The remote host is missing updates announced in
advisory GLSA 200903-20.
# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.63551");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)");
script_cve_id("CVE-2008-5918", "CVE-2008-5919", "CVE-2009-0240");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_name("Gentoo Security Advisory GLSA 200903-20 (websvn)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 E-Soft Inc.");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name:"insight", value:"Multiple vulnerabilities in WebSVN allow for file overwrite and information
disclosure.");
script_tag(name:"solution", value:"All WebSVN users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/websvn-2.1.0'");
script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-20");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=243852");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 200903-20.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");
res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"www-apps/websvn", unaffected: make_list("ge 2.1.0"), vulnerable: make_list("lt 2.1.0"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
openvas
openvas
FreeBSD Ports: websvn
2009-02-13 00:00:00
FreeBSD Ports: websvn
2009-02-13 00:00:00
Gentoo Security Advisory GLSA 200903-20 (websvn)
2009-03-13 00:00:00
nessus
nessus
GLSA-200903-20 : WebSVN: Multiple vulnerabilities
2009-03-10 00:00:00
FreeBSD : websvn -- multiple vulnerabilities (71597e3e-f6b8-11dd-94d9-0030843d3802)
2009-02-09 00:00:00
Debian DSA-1725-1 : websvn - programming error
2009-02-17 00:00:00
securityvulns
securityvulns
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities
2009-03-12 00:00:00
freebsd
freebsd
websvn -- multiple vulnerabilities
2008-10-23 00:00:00
gentoo
gentoo
WebSVN: Multiple vulnerabilities
2009-03-09 00:00:00
cve
cve
ubuntucve
ubuntucve
prion
prion
Directory traversal
2009-01-21 02:30:00
Cross site scripting
2009-01-21 02:30:00
Design/Logic Flaw
2009-01-21 02:30:00
seebug
seebug
WebSVN listing.phpθζ¬η»θΏιεΆδΏ‘ζ―ζ³ι²ζΌζ΄
2009-02-19 00:00:00
cvelist
cvelist
CVE-2009-0240
2009-01-21 02:00:00
debian
debian
[SECURITY] [DSA 1725-1] New websvn packages fix information leak
2009-02-15 15:43:16
6.5 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.6%
Related for OPENVAS:136141256231063551