Search...

Fedora Update for subversion FEDORA-2011-8352

2011-07-12T00:00:00

ID OPENVAS:863295
Type openvas
Reporter Copyright (c) 2011 Greenbone Networks GmbH
Modified 2017-07-10T00:00:00

Description

Check for the Version of subversion

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for subversion FEDORA-2011-8352
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_affected = "subversion on Fedora 15";
tag_insight = "Subversion is a concurrent version control system which enables one
  or more users to collaborate in developing and maintaining a
  hierarchy of files and directories while keeping a history of all
  changes.  Subversion only stores the differences between versions,
  instead of every complete file.  Subversion is intended to be a
  compelling replacement for CVS.";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html");
  script_id(863295);
  script_version("$Revision: 6626 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $");
  script_tag(name:"creation_date", value:"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_xref(name: "FEDORA", value: "2011-8352");
  script_cve_id("CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921");
  script_name("Fedora Update for subversion FEDORA-2011-8352");

  script_summary("Check for the Version of subversion");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC15")
{

  if ((res = isrpmvuln(pkg:"subversion", rpm:"subversion~1.6.17~1.fc15", rls:"FC15")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:863295", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for subversion FEDORA-2011-8352", "description": "Check for the Version of subversion", "published": "2011-07-12T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=863295", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-8352", "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html"], "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "lastseen": "2017-07-25T10:55:34", "viewCount": 0, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-07-25T10:55:34", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"]}, {"type": "seebug", "idList": ["SSV:20603", "SSV:20701"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0861", "ELSA-2011-0862"]}, {"type": "debian", "idList": ["DEBIAN:BSA-037:4B32C", "DEBIAN:DSA-2251-1:5380F"]}, {"type": "freebsd", "idList": ["E27A1AF3-8D21-11E0-A45D-001E8C75030D"]}, {"type": "redhat", "idList": ["RHSA-2011:0862", "RHSA-2011:0861"]}, {"type": "suse", "idList": ["SUSE-SU-2011:0691-1", "SUSE-SU-2011:0692-1", "OPENSUSE-SU-2011:0695-1", "OPENSUSE-SU-2011:0693-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26457", "SECURITYVULNS:VULN:12164", "SECURITYVULNS:DOC:27600", "SECURITYVULNS:VULN:11704"]}, {"type": "ubuntu", "idList": ["USN-1144-1"]}, {"type": "centos", "idList": ["CESA-2011:0861", "CESA-2011:0862"]}, {"type": "fedora", "idList": ["FEDORA:933C61101D2", "FEDORA:ECEAB110A94"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2011-0862.NASL", "MANDRIVA_MDVSA-2011-106.NASL", "SUSE_11_4_LIBSVN_AUTH_GNOME_KEYRING-1-0-110607.NASL", "FREEBSD_PKG_E27A1AF38D2111E0A45D001E8C75030D.NASL", "DEBIAN_DSA-2251.NASL", "FEDORA_2011-8352.NASL", "CENTOS_RHSA-2011-0862.NASL", "FEDORA_2011-8341.NASL", "SL_20110608_SUBVERSION_ON_SL5_X.NASL", "ORACLELINUX_ELSA-2011-0862.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:69958", "OPENVAS:881360", "OPENVAS:136141256231069755", "OPENVAS:1361412562310831415", "OPENVAS:1361412562310881360", "OPENVAS:136141256231069958", "OPENVAS:863323", "OPENVAS:1361412562310863295", "OPENVAS:69755", "OPENVAS:1361412562310122150"]}, {"type": "gentoo", "idList": ["GLSA-201309-11"]}], "modified": "2017-07-25T10:55:34", "rev": 2}, "vulnersScore": 6.4}, "pluginID": "863295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2011-8352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"subversion on Fedora 15\";\ntag_insight = \"Subversion is a concurrent version control system which enables one\n or more users to collaborate in developing and maintaining a\n hierarchy of files and directories while keeping a history of all\n changes. Subversion only stores the differences between versions,\n instead of every complete file. Subversion is intended to be a\n compelling replacement for CVS.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html\");\n script_id(863295);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-8352\");\n script_cve_id(\"CVE-2011-1783\", \"CVE-2011-1752\", \"CVE-2011-1921\");\n script_name(\"Fedora Update for subversion FEDORA-2011-8352\");\n\n script_summary(\"Check for the Version of subversion\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.17~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2020-12-09T19:39:06", "description": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.", "edition": 6, "cvss3": {}, "published": "2011-06-06T19:55:00", "title": "CVE-2011-1783", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1783"], "modified": "2020-10-05T19:05:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:fedoraproject:fedora:14", "cpe:/a:apache:subversion:1.5.8", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:fedoraproject:fedora:15"], "id": "CVE-2011-1783", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1783", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2020-10-03T11:39:27", "description": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.", "edition": 3, "cvss3": {}, "published": "2011-06-06T19:55:00", "title": "CVE-2011-1921", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1921"], "modified": "2017-09-19T01:32:00", "cpe": ["cpe:/a:apache:subversion:1.6.7", "cpe:/a:apache:subversion:1.5.5", "cpe:/a:apache:subversion:1.5.4", "cpe:/a:apache:subversion:1.5.2", "cpe:/a:apache:subversion:1.5.6", "cpe:/a:apache:subversion:1.5.1", "cpe:/a:apache:subversion:1.6.0", "cpe:/a:apache:subversion:1.5.7", "cpe:/a:apache:subversion:1.6.16", "cpe:/a:apache:subversion:1.6.4", "cpe:/a:apache:subversion:1.6.2", "cpe:/a:apache:subversion:1.6.13", "cpe:/a:apache:subversion:1.5.0", "cpe:/a:apache:subversion:1.5.8", "cpe:/a:apache:subversion:1.6.8", "cpe:/a:apache:subversion:1.6.15", "cpe:/a:apache:subversion:1.5.3", "cpe:/a:apache:subversion:1.6.6", "cpe:/a:apache:subversion:1.6.10", "cpe:/a:apache:subversion:1.6.1", "cpe:/a:apache:subversion:1.6.3", "cpe:/a:apache:subversion:1.6.5", "cpe:/a:apache:subversion:1.6.12", "cpe:/a:apache:subversion:1.6.11", "cpe:/a:apache:subversion:1.6.9", "cpe:/a:apache:subversion:1.6.14"], "id": "CVE-2011-1921", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1921", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.", "edition": 6, "cvss3": {}, "published": "2011-06-06T19:55:00", "title": "CVE-2011-1752", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1752"], "modified": "2020-10-05T19:04:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:fedoraproject:fedora:14", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:fedoraproject:fedora:15"], "id": "CVE-2011-1752", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1752", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}], "seebug": [{"lastseen": "2017-11-19T18:03:00", "description": "Bugtraq ID: 48091\r\nCVE ID\uff1aCVE-2011-1752,CVE-2011-1783,CVE-2011-1921\r\n\r\nSubversion\u662f\u4e00\u6b3e\u81ea\u7531/\u5f00\u6e90\u7248\u672c\u63a7\u5236\u7cfb\u7edf\u3002\r\nSubversion\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u6216\u6cc4\u9732\u654f\u611f\u4fe1\u606f\u3002\r\n-\u5904\u7406\u57fa\u7ebf\u8d44\u6e90\u8bf7\u6c42\u65f6mod_dav_svn\u6a21\u5757\u5b58\u5728\u7a7a\u6307\u9488\u5f15\u7528\u9519\u8bef\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u63d0\u4ea4\u6076\u610f\u8bf7\u6c42\u53ef\u5bfc\u81f4\u670d\u52a1\u5d29\u6e83\u3002\r\n\u6b64\u6f0f\u6d1e\u5f71\u54cd1.6.16\u548c\u4e4b\u524d\u7248\u672c\u3002\r\n-\u5904\u7406\u90e8\u5206\u57fa\u4e8e\u8def\u5f84\u7684\u8bbf\u95ee\u63a7\u5236\u89c4\u5219\u65f6mod_dav_svn\u6a21\u5757\u5b58\u5728\u9519\u8bef\uff0c\u53ef\u89e6\u53d1\u6b7b\u5faa\u73af\u5e76\u6d88\u8017\u5927\u91cf\u5185\u5b58\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n\u6b64\u6f0f\u6d1e\u5f71\u54cd1.5.0\u52301.6.16\u4e4b\u95f4\u7684\u7248\u672c\u3002\r\n\u6ce8\uff1a\u5904\u7406\u57fa\u4e8e\u8def\u5f84\u7684\u8bbf\u95ee\u89c4\u5219\u5b58\u5728\u7f3a\u9677\uff0c\u53ef\u5bfc\u81f4\u90e8\u5206\u4e0d\u53ef\u8bfb\u6587\u4ef6\u548c\u76ee\u5f55\u53d8\u5f97\u53ef\u8bfb\uff0c\u53ef\u6cc4\u9732\u654f\u611f\u4fe1\u606f\n\nApache Subversion 1.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\nApache Subversion 1.6.17\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://subversion.apache.org/", "published": "2011-06-04T00:00:00", "title": "Subversion 'mod_dav_svn'\u62d2\u7edd\u670d\u52a1\u548c\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921"], "modified": "2011-06-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20603", "id": "SSV:20603", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T18:07:55", "description": "BUGTRAQ ID: 48091\r\nCVE ID: CVE-2011-1752,CVE-2011-1783,CVE-2011-1921,CVE-2011-1921\r\n\r\nSubversion\u662f\u4e00\u4e2a\u81ea\u7531\uff0c\u5f00\u6e90\u7684\u7248\u672c\u63a7\u5236\u7cfb\u7edf\u3002\r\n\r\nSubversion\u5728mod_dav_svn\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2a\u62d2\u7edd\u670d\u52a1\u548c\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff0c\u6d88\u8017\u6389\u6240\u6709\u5185\u5b58\u8d44\u6e90\u6216\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\r\n\r\nSubversion\u7684mod_dav_svn Apache HTTPD\u670d\u52a1\u5668\u6a21\u5757\u5728\u67d0\u4e9b\u60c5\u5883\u4e2d\u4f1a\u8fdb\u5165\u4e0d\u5b58\u5728\u7684\u4e14\u6bcf\u6b21\u91cd\u590d\u90fd\u5206\u914d\u5185\u5b58\u7684\u903b\u8f91\u5faa\u73af\uff0c\u6700\u7ec8\u6d88\u8017\u670d\u52a1\u5668\u4e0a\u7684\u6240\u6709\u5185\u5b58\u3002\n\nApache Group Subversion 1.x\r\nApache Group Subversion 0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://httpd.apache.org/", "published": "2011-07-07T00:00:00", "type": "seebug", "title": "Subversion "mod_dav_svn"\u591a\u4e2a\u62d2\u7edd\u670d\u52a1\u548c\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921"], "modified": "2011-07-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20701", "id": "SSV:20701", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:20:05", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2251-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nJune 02, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 \n\nSeveral vulnerabilities were discovered in Subversion, the version\ncontrol system. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2011-1752\n\n The mod_dav_svn Apache HTTPD server module can be crashed though\n when asked to deliver baselined WebDAV resources.\n\nCVE-2011-1783\n\n The mod_dav_svn Apache HTTPD server module can trigger a loop which\n consumes all available memory on the system.\n\nCVE-2011-1921\n\n The mod_dav_svn Apache HTTPD server module may leak to remote users\n the file contents of files configured to be unreadable by those\n users.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.5.1dfsg1-7.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.6.12dfsg-6.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.6.17dfsg-1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-06-02T09:49:10", "published": "2011-06-02T09:49:10", "id": "DEBIAN:DSA-2251-1:5380F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00121.html", "title": "[SECURITY] [DSA 2251-1] subversion security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:21:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Peter Samuelson uploaded new packages for subversion which fixed the\nfollowing security problems:\n\nCVE-2011-1752\n Subversion's mod_dav_svn Apache HTTPD server module will dereference\n a NULL pointer if asked to deliver baselined WebDAV resources.\n http://subversion.apache.org/security/CVE-2011-1752-advisory.txt\n\nCVE-2011-1783\n Subversion's mod_dav_svn Apache HTTPD server module may in certain\n scenarios enter a logic loop which does not exit and which allocates\n memory in each iteration, ultimately exhausting all the available\n memory on the server.\n http://subversion.apache.org/security/CVE-2011-1783-advisory.txt\n\nCVE-2011-1921\n Subversion's mod_dav_svn Apache HTTPD server module may leak to\n remote users the file contents of files configured to be unreadable\n by those users.\n http://subversion.apache.org/security/CVE-2011-1921-advisory.txt\n\nFor the lenny-backports distribution the problems have been fixed in\nversion 1.6.12dfsg-6~bpo50+1.\n\nFor the stable distribution (squeeze) the problems have been fixed in\nversion 1.6.12dfsg-6 [stable-sec].\n\nIf you don't use pinning (see [1]) you have to update the package\nmanually via "apt-get -t lenny-backports install <packagelist>" with\nthe packagelist of your installed packages affected by this update.\n[1] <http://backports.debian.org/Instructions>\n\nWe recommend to pin (in /etc/apt/preferences) the backports repository to\n200 so that new versions of installed backports will be installed\nautomatically.\n\n Package: *\n Pin: release a=lenny-backports\n Pin-Priority: 200\n\n-- \nMichael Diers, elego Software Solutions GmbH, http://www.elego.de\n", "edition": 3, "modified": "2011-07-14T07:33:31", "published": "2011-07-14T07:33:31", "id": "DEBIAN:BSA-037:4B32C", "href": "https://lists.debian.org/debian-backports-announce/2011/debian-backports-announce-201107/msg00003.html", "title": "[BSA-037] Security Update for subversion", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921"], "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "modified": "2011-07-01T19:03:07", "published": "2011-07-01T19:03:07", "id": "FEDORA:ECEAB110A94", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: subversion-1.6.17-1.fc14", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921"], "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "modified": "2011-06-24T03:49:12", "published": "2011-06-24T03:49:12", "id": "FEDORA:933C61101D2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: subversion-1.6.17-1.fc15", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "[1.6.11-2.4]\n- add security fixes for CVE-2011-1752, CVE-2011-1783, CVE-2011-1921 (#709220)", "edition": 4, "modified": "2011-06-08T00:00:00", "published": "2011-06-08T00:00:00", "id": "ELSA-2011-0862", "href": "http://linux.oracle.com/errata/ELSA-2011-0862.html", "title": "subversion security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:04", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1752"], "description": "[1.1.4-4.0.1]\n- RHAT logo removed (updated redhat.png in tarball)\n[1.1.4-4]\n- add security fix for CVE-2011-1752 (#709217)", "edition": 4, "modified": "2011-06-08T00:00:00", "published": "2011-06-08T00:00:00", "id": "ELSA-2011-0861", "href": "http://linux.oracle.com/errata/ELSA-2011-0861.html", "title": "subversion security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:59", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "\nSubversion team reports:\n\nSubversion's mod_dav_svn Apache HTTPD server module will\n\t dereference a NULL pointer if asked to deliver baselined WebDAV\n\t resources.\nThis can lead to a DoS. An exploit has been tested, and tools\n\t or users have been observed triggering this problem in the\n\t wild.\n\n\nSubversion's mod_dav_svn Apache HTTPD server module may in\n\t certain scenarios enter a logic loop which does not exit and\n\t which allocates memory in each iteration, ultimately exhausting\n\t all the available memory on the server.\nThis can lead to a DoS. There are no known instances of this\n\t problem being observed in the wild, but an exploit has been\n\t tested.\n\n\nSubversion's mod_dav_svn Apache HTTPD server module may leak to\n\t remote users the file contents of files configured to be\n\t unreadable by those users.\nThere are no known instances of this problem being observed in\n\t the wild, but an exploit has been tested.\n\n", "edition": 4, "modified": "2011-05-28T00:00:00", "published": "2011-05-28T00:00:00", "id": "E27A1AF3-8D21-11E0-A45D-001E8C75030D", "href": "https://vuxml.freebsd.org/freebsd/e27a1af3-8d21-11e0-a45d-001e8c75030d.html", "title": "Subversion -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:20", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921"], "description": "Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access to\nSubversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module processed\ncertain data sets. If the SVNPathAuthz directive was set to\n\"short_circuit\", and path-based access control for files and directories\nwas enabled, a malicious, remote user could use this flaw to cause the\nhttpd process serving the request to consume an excessive amount of system\nmemory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn module\nprocessed requests submitted against the URL of a baselined resource. A\nmalicious, remote user could use this flaw to cause the httpd process\nserving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files and\ndirectories was enabled. A malicious, remote user could possibly use this\nflaw to access certain files in a repository that would otherwise not be\naccessible to them. Note: This vulnerability cannot be triggered if the\nSVNPathAuthz directive is set to \"short_circuit\". (CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for reporting\nthese issues. Upstream acknowledges Joe Schaefer of the Apache Software\nFoundation as the original reporter of CVE-2011-1752; Ivan Zhakov of\nVisualSVN as the original reporter of CVE-2011-1783; and Kamesh\nJayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, you must restart the httpd daemon, if you are using\nmod_dav_svn, for the update to take effect.\n", "modified": "2018-06-06T20:24:28", "published": "2011-06-08T04:00:00", "id": "RHSA-2011:0862", "href": "https://access.redhat.com/errata/RHSA-2011:0862", "type": "redhat", "title": "(RHSA-2011:0862) Moderate: subversion security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:53", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1752"], "description": "Subversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access to\nSubversion repositories via HTTP.\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn module\nprocessed requests submitted against the URL of a baselined resource. A\nmalicious, remote user could use this flaw to cause the httpd process\nserving the request to crash. (CVE-2011-1752)\n\nRed Hat would like to thank the Apache Subversion project for reporting\nthis issue. Upstream acknowledges Joe Schaefer of the Apache Software\nFoundation as the original reporter.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, you must restart the httpd daemon, if you are using\nmod_dav_svn, for the update to take effect.\n", "modified": "2017-09-08T12:20:30", "published": "2011-06-08T04:00:00", "id": "RHSA-2011:0861", "href": "https://access.redhat.com/errata/RHSA-2011:0861", "type": "redhat", "title": "(RHSA-2011:0861) Moderate: subversion security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2251-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nJune 02, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : subversion\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 \r\n\r\nSeveral vulnerabilities were discovered in Subversion, the version\r\ncontrol system. The Common Vulnerabilities and Exposures project\r\nidentifies the following problems:\r\n\r\nCVE-2011-1752\r\n\r\n The mod_dav_svn Apache HTTPD server module can be crashed though\r\n when asked to deliver baselined WebDAV resources.\r\n\r\nCVE-2011-1783\r\n\r\n The mod_dav_svn Apache HTTPD server module can trigger a loop which\r\n consumes all available memory on the system.\r\n\r\nCVE-2011-1921\r\n\r\n The mod_dav_svn Apache HTTPD server module may leak to remote users\r\n the file contents of files configured to be unreadable by those\r\n users.\r\n\r\nFor the oldstable distribution (lenny), this problem has been fixed in\r\nversion 1.5.1dfsg1-7.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1.6.12dfsg-6.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.6.17dfsg-1.\r\n\r\nWe recommend that you upgrade your subversion packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJN51w8AAoJEOxfUAG2iX578DEH/0AnYvKNnyT4C4jLIDfepOKg\r\nebgFmGapsVOm9lk6YNfrpCue2ecxW+mfU+mMVgHRYv2LRiqAJbyAd+Kb/JcgEwtf\r\nNRZX6SQWO9TP91w/LWWxUbFXKqELUA1NbC7oIuGqcS4TWwcdLK/Z+QYTXorVgJgB\r\nLZkuDvZ6heLxQJVtEMaLtHInOFYu5Q/FAFFyM4Raweha0/Q0LGE6MSqsYNThDoqJ\r\nPTF48OVP4BBbhFVfMXiv8N4SXeRwej+qSHIWLfRkYSuyh0JUzaJaRwaQnz5icWGl\r\nkfF6JGn8izrSaBPPZA0voZ6/Bn31JlWK6QLFvDtuY3n6cG+vi422Y9QZOjIlBD8=\r\n=4u2D\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2011-06-02T00:00:00", "published": "2011-06-02T00:00:00", "id": "SECURITYVULNS:DOC:26457", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26457", "title": "[SECURITY] [DSA 2251-1] subversion security update", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:42", "bulletinFamily": "software", "cvelist": ["CVE-2011-1954", "CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921", "CVE-2011-1953", "CVE-2011-1952", "CVE-2011-0446", "CVE-2011-0447"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2011-06-02T00:00:00", "published": "2011-06-02T00:00:00", "id": "SECURITYVULNS:VULN:11704", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11704", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "cvelist": ["CVE-2011-3462", "CVE-2011-3448", "CVE-2011-1148", "CVE-2011-3444", "CVE-2011-1783", "CVE-2011-3246", "CVE-2011-3249", "CVE-2011-3189", "CVE-2011-0241", "CVE-2011-1752", "CVE-2011-1938", "CVE-2011-3449", "CVE-2011-3441", "CVE-2011-3453", "CVE-2011-3422", "CVE-2011-3248", "CVE-2011-2483", "CVE-2011-3457", "CVE-2010-2813", "CVE-2011-3463", "CVE-2011-3389", "CVE-2011-2204", "CVE-2011-3256", "CVE-2011-1657", "CVE-2011-1167", "CVE-2011-3252", "CVE-2011-3268", "CVE-2011-3328", "CVE-2011-2023", "CVE-2011-3182", "CVE-2010-4554", "CVE-2011-1921", "CVE-2011-3459", "CVE-2010-4555", "CVE-2011-3250", "CVE-2011-0200", "CVE-2011-3267", "CVE-2011-3458", "CVE-2011-3447", "CVE-2011-3460", "CVE-2011-2202", "CVE-2011-3452", "CVE-2011-3450", "CVE-2011-2895", "CVE-2010-1637", "CVE-2011-2937", "CVE-2011-2192"], "description": "Graphics, Video, Audio and documents parsing vulnerabilities. Information leakage, code execution via DNS resolver. Privilege escalation. Vulnerabilities in 3rd party packages.", "edition": 1, "modified": "2012-02-03T00:00:00", "published": "2012-02-03T00:00:00", "id": "SECURITYVULNS:VULN:12164", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12164", "title": "Apple OS X multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2011-3462", "CVE-2011-3448", "CVE-2011-1148", "CVE-2011-3444", "CVE-2011-1783", "CVE-2011-3246", "CVE-2011-3249", "CVE-2011-3189", "CVE-2011-0241", "CVE-2011-1752", "CVE-2011-1938", "CVE-2011-3449", "CVE-2011-3441", "CVE-2011-3453", "CVE-2011-3422", "CVE-2011-3248", "CVE-2011-2483", "CVE-2011-3457", "CVE-2010-2813", "CVE-2011-3463", "CVE-2011-3389", "CVE-2011-2204", "CVE-2011-3256", "CVE-2011-1657", "CVE-2011-1167", "CVE-2011-3252", "CVE-2011-3268", "CVE-2011-3328", "CVE-2011-2023", "CVE-2011-3182", "CVE-2010-4554", "CVE-2011-1921", "CVE-2011-3459", "CVE-2010-4555", "CVE-2011-3250", "CVE-2011-0200", "CVE-2011-3267", "CVE-2011-3458", "CVE-2011-3447", "CVE-2011-3460", "CVE-2011-3348", "CVE-2011-2202", "CVE-2011-3452", "CVE-2011-3450", "CVE-2011-2895", "CVE-2010-1637", "CVE-2011-2937", "CVE-2011-2192"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001\r\n\r\nOS X Lion v10.7.3 and Security Update 2012-001 is now available and\r\naddresses the following:\r\n\r\nAddress Book\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker in a privileged network position may intercept\r\nCardDAV data\r\nDescription: Address Book supports Secure Sockets Layer (SSL) for\r\naccessing CardDAV. A downgrade issue caused Address Book to attempt\r\nan unencrypted connection if an encrypted connection failed. An\r\nattacker in a privileged network position could abuse this behavior\r\nto intercept CardDAV data. This issue is addressed by not downgrading\r\nto an unencrypted connection without user approval.\r\nCVE-ID\r\nCVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Apache is updated to version 2.2.21 to address several\r\nvulnerabilities, the most serious of which may lead to a denial of\r\nservice. Further information is available via the Apache web site at\r\nhttp://httpd.apache.org/\r\nCVE-ID\r\nCVE-2011-3348\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.\r\nApache disabled the 'empty fragment' countermeasure which prevented\r\nthese attacks. This issue is addressed by providing a configuration\r\nparameter to control the countermeasure and enabling it by default.\r\nCVE-ID\r\nCVE-2011-3389\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork's handling of malformed\r\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\r\nthe request to an incorrect origin server. This issue does not affect\r\nsystems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3246 : Erling Ellingsen of Facebook\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork's handling of malformed\r\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\r\nunexpected request headers. This issue does not affect systems prior\r\nto OS X Lion.\r\nCVE-ID\r\nCVE-2011-3447 : Erling Ellingsen of Facebook\r\n\r\nColorSync\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted image with an embedded\r\nColorSync profile may lead to an unexpected application termination\r\nor arbitrary code execution\r\nDescription: An integer overflow existed in the handling of images\r\nwith an embedded ColorSync profile, which may lead to a heap buffer\r\noverflow. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-0200 : binaryproof working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nCoreAudio\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Playing maliciously crafted audio content may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of AAC\r\nencoded audio streams. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3252 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nCoreMedia\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in CoreMedia's handling\r\nof H.264 encoded movie files.\r\nCVE-ID\r\nCVE-2011-3448 : Scott Stender of iSEC Partners\r\n\r\nCoreText\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to an unexpected application\r\ntermination or arbitrary code execution\r\nDescription: A use after free issue existed in the handling of font\r\nfiles.\r\nCVE-ID\r\nCVE-2011-3449 : Will Dormann of the CERT/CC\r\n\r\nCoreUI\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a malicious website may lead to an unexpected\r\napplication termination or arbitrary code execution\r\nDescription: An unbounded stack allocation issue existed in the\r\nhandling of long URLs. This issue does not affect systems prior to OS\r\nX Lion.\r\nCVE-ID\r\nCVE-2011-3450 : Ben Syverson\r\n\r\ncurl\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: A remote server may be able to impersonate clients via\r\nGSSAPI requests\r\nDescription: When doing GSSAPI authentication, libcurl\r\nunconditionally performs credential delegation. This issue is\r\naddressed by disabling GSSAPI credential delegation.\r\nCVE-ID\r\nCVE-2011-2192\r\n\r\nData Security\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker with a privileged network position may intercept\r\nuser credentials or other sensitive information\r\nDescription: Two certificate authorities in the list of trusted root\r\ncertificates have independently issued intermediate certificates to\r\nDigiCert Malaysia. DigiCert Malaysia has issued certificates with\r\nweak keys that it is unable to revoke. An attacker with a privileged\r\nnetwork position could intercept user credentials or other sensitive\r\ninformation intended for a site with a certificate issued by DigiCert\r\nMalaysia. This issue is addressed by configuring default system trust\r\nsettings so that DigiCert Malaysia's certificates are not trusted. We\r\nwould like to acknowledge Bruce Morton of Entrust, Inc. for reporting\r\nthis issue.\r\n\r\ndovecot\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.\r\nDovecot disabled the 'empty fragment' countermeasure which prevented\r\nthese attacks. This issue is addressed by enabling the\r\ncountermeasure.\r\nCVE-ID\r\nCVE-2011-3389 : Apple\r\n\r\nfilecmds\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Decompressing a maliciously crafted compressed file may lead\r\nto an unexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the 'uncompress' command\r\nline tool.\r\nCVE-ID\r\nCVE-2011-2895\r\n\r\nImageIO\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in ImageIO's handling of\r\nCCITT Group 4 encoded TIFF files. This issue does not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\r\n\r\nImageIO\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in libtiff's handling of\r\nThunderScan encoded TIFF images. This issue is address by updating\r\nlibtiff to version 3.9.5.\r\nCVE-ID\r\nCVE-2011-1167\r\n\r\nImageIO\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in libpng 1.5.4\r\nDescription: libpng is updated to version 1.5.5 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-3328\r\n\r\nInternet Sharing\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: A Wi-Fi network created by Internet Sharing may lose\r\nsecurity settings after a system update\r\nDescription: After updating to a version of OS X Lion prior to\r\n10.7.3, the Wi-Fi configuration used by Internet Sharing may revert\r\nto factory defaults, which disables the WEP password. This issue only\r\naffects systems with Internet Sharing enabled and sharing the\r\nconnection to Wi-Fi. This issue is addressed by preserving the Wi-Fi\r\nconfiguration during a system update.\r\nCVE-ID\r\nCVE-2011-3452 : an anonymous researcher\r\n\r\nLibinfo\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in Libinfo's handling of hostname\r\nlookup requests. Libinfo could return incorrect results for a\r\nmaliciously crafted hostname. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3441 : Erling Ellingsen of Facebook\r\n\r\nlibresolv\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Applications that use OS X's libresolv library may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An integer overflow existed in the parsing of DNS\r\nresource records, which may lead to heap memory corruption.\r\nCVE-ID\r\nCVE-2011-3453 : Ilja van Sprundel of IOActive\r\n\r\nlibsecurity\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Some EV certificates may be trusted even if the\r\ncorresponding root has been marked as untrusted\r\nDescription: The certificate code trusted a root certificate to sign\r\nEV certificates if it was on the list of known EV issuers, even if\r\nthe user had marked it as 'Never Trust' in Keychain. The root would\r\nnot be trusted to sign non-EV certificates.\r\nCVE-ID\r\nCVE-2011-3422 : Alastair Houghton\r\n\r\nOpenGL\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Applications that use OS X's OpenGL implementation may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of GLSL compilation.\r\nCVE-ID\r\nCVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and\r\nMarc Schoenefeld of the Red Hat Security Response Team\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in PHP 5.3.6\r\nDescription: PHP is updated to version 5.3.8 to address several\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the PHP web site at\r\nhttp://www.php.net\r\nCVE-ID\r\nCVE-2011-1148\r\nCVE-2011-1657\r\nCVE-2011-1938\r\nCVE-2011-2202\r\nCVE-2011-2483\r\nCVE-2011-3182\r\nCVE-2011-3189\r\nCVE-2011-3267\r\nCVE-2011-3268\r\n\r\nPHP\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in FreeType's\r\nhandling of Type 1 fonts. This issue is addressed by updating\r\nFreeType to version 2.4.7. Further information is available via the\r\nFreeType site at http://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-3256 : Apple\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in libpng 1.5.4\r\nDescription: libpng is updated to version 1.5.5 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-3328\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Opening a maliciously crafted MP4 encoded file may lead to\r\nan unexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access issue existed in the\r\nhandling of MP4 encoded files.\r\nCVE-ID\r\nCVE-2011-3458 : Luigi Auriemma and pa_kt both working with\r\nTippingPoint's Zero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A signedness issue existed in the handling of font\r\ntables embedded in QuickTime movie files.\r\nCVE-ID\r\nCVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An off by one buffer overflow existed in the handling\r\nof rdrf atoms in QuickTime movie files.\r\nCVE-ID\r\nCVE-2011-3459 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted JPEG2000 image file may lead\r\nto an unexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nfiles.\r\nCVE-ID\r\nCVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Processing a maliciously crafted PNG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of PNG files.\r\nCVE-ID\r\nCVE-2011-3460 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of FLC\r\nencoded movie files\r\nCVE-ID\r\nCVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nSquirrelMail\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in SquirrelMail\r\nDescription: SquirrelMail is updated to version 1.4.22 to address\r\nseveral vulnerabilities, the most serious of which is a cross-site\r\nscripting issue. This issue does not affect OS X Lion systems.\r\nFurther information is available via the SquirrelMail web site at\r\nhttp://www.SquirrelMail.org/\r\nCVE-ID\r\nCVE-2010-1637\r\nCVE-2010-2813\r\nCVE-2010-4554\r\nCVE-2010-4555\r\nCVE-2011-2023\r\n\r\nSubversion\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Accessing a Subversion repository may lead to the disclosure\r\nof sensitive information\r\nDescription: Subversion is updated to version 1.6.17 to address\r\nmultiple vulnerabilities, the most serious of which may lead to the\r\ndisclosure of sensitive information. Further information is available\r\nvia the Subversion web site at http://subversion.tigris.org/\r\nCVE-ID\r\nCVE-2011-1752\r\nCVE-2011-1783\r\nCVE-2011-1921\r\n\r\nTime Machine\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: A remote attacker may access new backups created by the\r\nuser's system\r\nDescription: The user may designate a remote AFP volume or Time\r\nCapsule to be used for Time Machine backups. Time Machine did not\r\nverify that the same device was being used for subsequent backup\r\noperations. An attacker who is able to spoof the remote volume could\r\ngain access to new backups created by the user's system. This issue\r\nis addressed by verifying the unique identifier associated with a\r\ndisk for backup operations.\r\nCVE-ID\r\nCVE-2011-3462 : Michael Roitzsch of the Technische Universitat\r\nDresden\r\n\r\nTomcat\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Tomcat 6.0.32\r\nDescription: Tomcat is updated to version 6.0.33 to address multiple\r\nvulnerabilities, the most serious of which may lead to the disclosure\r\nof sensitive information. Tomcat is only provided on Mac OS X Server\r\nsystems. This issue does not affect OS X Lion systems. Further\r\ninformation is available via the Tomcat site at\r\nhttp://tomcat.apache.org/\r\nCVE-ID\r\nCVE-2011-2204\r\n\r\nWebDAV Sharing\r\nAvailable for: OS X Lion Server v10.7 to v10.7.2\r\nImpact: Local users may obtain system privileges\r\nDescription: An issue existed in WebDAV Sharing's handling of user\r\nauthentication. A user with a valid account on the server or one of\r\nits bound directories could cause the execution of arbitrary code\r\nwith system privileges. This issue does not affect systems prior to\r\nOS X Lion.\r\nCVE-ID\r\nCVE-2011-3463 : Gordon Davisson of Crywolf\r\n\r\nWebmail\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted e-mail message may lead to the\r\ndisclosure of message content\r\nDescription: A cross-site scripting vulnerability existed in the\r\nhandling of mail messages. This issue is addressed by updating\r\nRoundcube Webmail to version 0.6. This issue does not affect systems\r\nprior to OS X Lion. Further information is available via the\r\nRoundcube site at http://trac.roundcube.net/\r\nCVE-ID\r\nCVE-2011-2937\r\n\r\nX11\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in FreeType's\r\nhandling of Type 1 fonts. This issue is addressed by updating\r\nFreeType to version 2.4.7. Further information is available via the\r\nFreeType site at http://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-3256 : Apple\r\n\r\nOS X Lion v10.7.3 and Security Update 2012-001 may be obtained from\r\nthe Software Update pane in System Preferences, or Apple's Software\r\nDownloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nSecurity Update 2021-001 or OS X v10.7.3.\r\n\r\nFor OS X Lion v10.7.2\r\nThe download file is named: MacOSXUpd10.7.3.dmg\r\nIts SHA-1 digest is: 7102fe8f9f47286c45dfa35f6e84e7f730493a7c\r\n\r\nFor OS X Lion v10.7 and v10.7.1\r\nThe download file is named: MacOSXUpdCombo10.7.3.dmg\r\nIts SHA-1 digest is: 07dfce300f6801eb63d9ac13e0bec84e1862a16c\r\n\r\nFor OS X Lion Server v10.7.2\r\nThe download file is named: MacOSXServerUpd10.7.3.dmg\r\nIts SHA-1 digest is: 55a9571635d4ec088c142d68132d0d69fcb8867d\r\n\r\nFor OS X Lion Server v10.7 and v10.7.1\r\nThe download file is named: MacOSXServerUpdCombo10.7.3.dmg\r\nIts SHA-1 digest is: 2c87824f09734499ea166ea0617a3ac21ecf832b\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2012-001Snow.dmg\r\nIts SHA-1 digest is: 40875ee8cb609bbaefc8f421a9c34cc353db42b8\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2012-001.dmg\r\nIts SHA-1 digest is: 53b3ca5548001a9920aeabed4a034c6e4657fe20\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\r\n\r\niQEcBAEBAgAGBQJPKYxNAAoJEGnF2JsdZQeeLiIIAMLhH2ipDFrhCsw/n4VDeF1V\r\nP6jSkGXC9tBBVMvw1Xq4c2ok4SI34bDfMlURAVR+dde/h6nIZR24aLQVoDLjJuIp\r\nRrO2dm1nQeozLJSx2NbxhVh54BucJdKp4xS1GkDNxkqcdh04RE9hRURXdKagnfGy\r\n9P8QQPOQmKAiWos/LYhCPDInMfrpVNvEVwP8MCDP15g6hylN4De/Oyt7ZshPshSf\r\nMnAFObfBTGX5KioVqTyfdlBkKUfdXHJux61QEFHn8eadX6+/6IuKbUvK9B0icc8E\r\npvbjOxQatFRps0KNWeIsKQc5i6iQoJhocAiIy6Y6LCuZQuSXCImY2RWXkVYzbWo=\r\n=c1eU\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-02-03T00:00:00", "published": "2012-02-03T00:00:00", "id": "SECURITYVULNS:DOC:27600", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27600", "title": "APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:28:17", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0862\n\n\nSubversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access to\nSubversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module processed\ncertain data sets. If the SVNPathAuthz directive was set to\n\"short_circuit\", and path-based access control for files and directories\nwas enabled, a malicious, remote user could use this flaw to cause the\nhttpd process serving the request to consume an excessive amount of system\nmemory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn module\nprocessed requests submitted against the URL of a baselined resource. A\nmalicious, remote user could use this flaw to cause the httpd process\nserving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files and\ndirectories was enabled. A malicious, remote user could possibly use this\nflaw to access certain files in a repository that would otherwise not be\naccessible to them. Note: This vulnerability cannot be triggered if the\nSVNPathAuthz directive is set to \"short_circuit\". (CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for reporting\nthese issues. Upstream acknowledges Joe Schaefer of the Apache Software\nFoundation as the original reporter of CVE-2011-1752; Ivan Zhakov of\nVisualSVN as the original reporter of CVE-2011-1783; and Kamesh\nJayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, you must restart the httpd daemon, if you are using\nmod_dav_svn, for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-June/029651.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-June/029652.html\n\n**Affected packages:**\nmod_dav_svn\nsubversion\nsubversion-devel\nsubversion-javahl\nsubversion-perl\nsubversion-ruby\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0862.html", "edition": 3, "modified": "2011-06-08T22:32:53", "published": "2011-06-08T22:32:53", "href": "http://lists.centos.org/pipermail/centos-announce/2011-June/029651.html", "id": "CESA-2011:0862", "title": "mod_dav_svn, subversion security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:25:28", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1752"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0861\n\n\nSubversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. The\nmod_dav_svn module is used with the Apache HTTP Server to allow access to\nSubversion repositories via HTTP.\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn module\nprocessed requests submitted against the URL of a baselined resource. A\nmalicious, remote user could use this flaw to cause the httpd process\nserving the request to crash. (CVE-2011-1752)\n\nRed Hat would like to thank the Apache Subversion project for reporting\nthis issue. Upstream acknowledges Joe Schaefer of the Apache Software\nFoundation as the original reporter.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, you must restart the httpd daemon, if you are using\nmod_dav_svn, for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-August/029713.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-August/029714.html\n\n**Affected packages:**\nmod_dav_svn\nsubversion\nsubversion-devel\nsubversion-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0861.html", "edition": 3, "modified": "2011-08-14T21:22:10", "published": "2011-08-14T21:21:35", "href": "http://lists.centos.org/pipermail/centos-announce/2011-August/029713.html", "id": "CESA-2011:0861", "title": "mod_dav_svn, subversion security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:02", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Joe Schaefer discovered that the Subversion mod_dav_svn module for Apache \ndid not properly handle certain baselined WebDAV resource requests. A \nremote attacker could use this flaw to cause the service to crash, leading \nto a denial of service. (CVE-2011-1752)\n\nIvan Zhakov discovered that the Subversion mod_dav_svn module for Apache \ndid not properly handle certain requests. A remote attacker could use this \nflaw to cause the service to consume all available resources, leading to a \ndenial of service. (CVE-2011-1783)\n\nKamesh Jayachandran discovered that the Subversion mod_dav_svn module for \nApache did not properly handle access control in certain situations. A \nremote user could use this flaw to gain access to files that would \notherwise be unreadable. (CVE-2011-1921)", "edition": 5, "modified": "2011-06-06T00:00:00", "published": "2011-06-06T00:00:00", "id": "USN-1144-1", "href": "https://ubuntu.com/security/notices/USN-1144-1", "title": "Subversion vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:03:49", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Subversion was updated to version 1.6.17 to fix several\n security issues:\n\n - CVE-2011-1752: The mod_dav_svn Apache HTTPD server\n module can be crashed though when asked to deliver\n baselined WebDAV resources.\n - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module\n can trigger a loop which consumes all available memory on\n the system.\n - CVE-2011-1921: The mod_dav_svn Apache HTTPD server module\n may leak to remote users the file contents of files\n configured to be unreadable by those users.\n\n", "edition": 1, "modified": "2011-06-24T21:08:24", "published": "2011-06-24T21:08:24", "id": "OPENSUSE-SU-2011:0695-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00012.html", "title": "subversion: security udpate (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:25:39", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921", "CVE-2011-0715"], "description": "Subversion was updated to fix several security issues:\n\n * CVE-2011-1752: The mod_dav_svn Apache HTTPD server\n module can be crashed though when asked to deliver\n baselined WebDAV resources.\n * CVE-2011-1783: The mod_dav_svn Apache HTTPD server\n module can trigger a loop which consumes all available\n memory on the system.\n * CVE-2011-1921: The mod_dav_svn Apache HTTPD server\n module may leak to remote users the file contents of files\n configured to be unreadable by those users.\n * CVE-2011-0715: Remote attackers could crash an svn\n server by causing a NULL deref\n", "edition": 1, "modified": "2011-06-24T20:08:19", "published": "2011-06-24T20:08:19", "id": "SUSE-SU-2011:0691-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00009.html", "type": "suse", "title": "subversion (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:50:20", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921", "CVE-2011-0715"], "description": "- CVE-2011-1752: The mod_dav_svn Apache HTTPD server\n module can be crashed though when asked to deliver\n baselined WebDAV resources.\n - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module\n can trigger a loop which consumes all available memory on\n the system.\n - CVE-2011-1921: The mod_dav_svn Apache HTTPD server module\n may leak to remote users the file contents of files\n configured to be unreadable by those users.\n - CVE-2011-0715: Remote attackers could crash an svn server\n by causing a NULL deref\n\n", "edition": 1, "modified": "2011-06-24T21:08:19", "published": "2011-06-24T21:08:19", "id": "OPENSUSE-SU-2011:0693-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00011.html", "title": "subversion security udpate (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:28:45", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-0715"], "description": "Subversion was updated to fix several security issues:\n\n * CVE-2011-1752: The mod_dav_svn Apache HTTPD server\n module can be crashed though when asked to deliver\n baselined WebDAV resources.\n * CVE-2011-1783: The mod_dav_svn Apache HTTPD server\n module can trigger a loop which consumes all available\n memory on the system.\n * CVE-2011-0715: Remote attackers could crash an svn\n server by causing a NULL deref\n", "edition": 1, "modified": "2011-06-24T21:08:14", "published": "2011-06-24T21:08:14", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00010.html", "id": "SUSE-SU-2011:0692-1", "title": "subversion (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-17T13:09:21", "description": "Updated subversion packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for\nreporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.", "edition": 28, "published": "2011-06-09T00:00:00", "title": "RHEL 5 / 6 : subversion (RHSA-2011:0862)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2011-06-09T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:subversion-ruby", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:subversion", "p-cpe:/a:redhat:enterprise_linux:mod_dav_svn", "p-cpe:/a:redhat:enterprise_linux:subversion-perl", "cpe:/o:redhat:enterprise_linux:6.1", "p-cpe:/a:redhat:enterprise_linux:subversion-gnome", "p-cpe:/a:redhat:enterprise_linux:subversion-javahl", "p-cpe:/a:redhat:enterprise_linux:subversion-debuginfo", "p-cpe:/a:redhat:enterprise_linux:subversion-devel", "cpe:/o:redhat:enterprise_linux:5.6", "p-cpe:/a:redhat:enterprise_linux:subversion-kde", "p-cpe:/a:redhat:enterprise_linux:subversion-svn2cl", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2011-0862.NASL", "href": "https://www.tenable.com/plugins/nessus/55016", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0862. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55016);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"RHSA\", value:\"2011:0862\");\n\n script_name(english:\"RHEL 5 / 6 : subversion (RHSA-2011:0862)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated subversion packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for\nreporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2011-1783-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2011-1752-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2011-1921-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0862\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-svn2cl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0862\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_dav_svn-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mod_dav_svn-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"subversion-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"subversion-devel-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"subversion-javahl-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"subversion-javahl-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"subversion-javahl-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"subversion-perl-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"subversion-perl-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"subversion-perl-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"subversion-ruby-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"subversion-ruby-1.6.11-7.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"subversion-ruby-1.6.11-7.el5_6.4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mod_dav_svn-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mod_dav_svn-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-debuginfo-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-devel-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-gnome-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-javahl-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-kde-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-perl-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-ruby-1.6.11-2.el6_1.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"subversion-svn2cl-1.6.11-2.el6_1.4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / subversion / subversion-debuginfo / subversion-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:09:44", "description": "This update includes the latest release of Subversion, fixing three\nsecurity issues :\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nThe Fedora Project would like to thank the Apache Subversion project\nfor reporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nThe following bugs are also fixed in this release :\n\n - make 'blame -g' more efficient on with large mergeinfo\n\n - preserve log message with a non-zero editor exit\n\n - fix FSFS cache performance on 64-bit platforms\n\n - make svn cleanup tolerate obstructed directories\n\n - fix deadlock in multithreaded servers serving FSFS\n repositories\n\n - detect very occasional corruption and abort commit\n\n - fixed: file externals cause non-inheritable mergeinfo\n\n - fixed: file externals cause mixed-revision working\n copies\n\n - fixed: write-through proxy could direcly commit to\n slave\n\n - detect a particular corruption condition in FSFS\n\n - improve error message when clients refer to unkown\n revisions\n\n - bugfixes and optimizations to the DAV mirroring code\n\n - fixed: locked and deleted file causes tree conflict\n\n - fixed: update touches locked file with svn:keywords\n property\n\n - fix svnsync handling of directory copyfrom\n\n - fix 'log -g' excessive duplicate output\n\n - fix svnsync copyfrom handling bug with BDB\n\n - server-side validation of svn:mergeinfo syntax during\n commit\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-06-24T00:00:00", "title": "Fedora 15 : subversion-1.6.17-1.fc15 (2011-8352)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2011-06-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-8352.NASL", "href": "https://www.tenable.com/plugins/nessus/55412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-8352.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55412);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"FEDORA\", value:\"2011-8352\");\n\n script_name(english:\"Fedora 15 : subversion-1.6.17-1.fc15 (2011-8352)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest release of Subversion, fixing three\nsecurity issues :\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nThe Fedora Project would like to thank the Apache Subversion project\nfor reporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nThe following bugs are also fixed in this release :\n\n - make 'blame -g' more efficient on with large mergeinfo\n\n - preserve log message with a non-zero editor exit\n\n - fix FSFS cache performance on 64-bit platforms\n\n - make svn cleanup tolerate obstructed directories\n\n - fix deadlock in multithreaded servers serving FSFS\n repositories\n\n - detect very occasional corruption and abort commit\n\n - fixed: file externals cause non-inheritable mergeinfo\n\n - fixed: file externals cause mixed-revision working\n copies\n\n - fixed: write-through proxy could direcly commit to\n slave\n\n - detect a particular corruption condition in FSFS\n\n - improve error message when clients refer to unkown\n revisions\n\n - bugfixes and optimizations to the DAV mirroring code\n\n - fixed: locked and deleted file causes tree conflict\n\n - fixed: update touches locked file with svn:keywords\n property\n\n - fix svnsync handling of directory copyfrom\n\n - fix 'log -g' excessive duplicate output\n\n - fix svnsync copyfrom handling bug with BDB\n\n - server-side validation of svn:mergeinfo syntax during\n commit\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=709952\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?150bde97\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"subversion-1.6.17-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:45:45", "description": "Subversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.", "edition": 25, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : subversion on SL5.x, SL6.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110608_SUBVERSION_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61067", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61067);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n\n script_name(english:\"Scientific Linux Security Update : subversion on SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=3110\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4fdd5b2d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"mod_dav_svn-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"subversion-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"subversion-debuginfo-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"subversion-devel-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"subversion-javahl-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"subversion-perl-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"subversion-ruby-1.6.11-7.el5_6.4\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"mod_dav_svn-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-debuginfo-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-devel-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-gnome-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-javahl-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-kde-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-perl-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"subversion-ruby-1.6.11-2.el6_1.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:50:53", "description": "Subversion team reports :\n\nSubversion's mod_dav_svn Apache HTTPD server module will dereference a\nNULL pointer if asked to deliver baselined WebDAV resources.\n\nThis can lead to a DoS. An exploit has been tested, and tools or users\nhave been observed triggering this problem in the wild.\n\nSubversion's mod_dav_svn Apache HTTPD server module may in certain\nscenarios enter a logic loop which does not exit and which allocates\nmemory in each iteration, ultimately exhausting all the available\nmemory on the server.\n\nThis can lead to a DoS. There are no known instances of this problem\nbeing observed in the wild, but an exploit has been tested.\n\nSubversion's mod_dav_svn Apache HTTPD server module may leak to remote\nusers the file contents of files configured to be unreadable by those\nusers.\n\nThere are no known instances of this problem being observed in the\nwild, but an exploit has been tested.", "edition": 25, "published": "2011-06-03T00:00:00", "title": "FreeBSD : Subversion -- multiple vulnerabilities (e27a1af3-8d21-11e0-a45d-001e8c75030d)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2011-06-03T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:subversion", "p-cpe:/a:freebsd:freebsd:subversion-freebsd"], "id": "FREEBSD_PKG_E27A1AF38D2111E0A45D001E8C75030D.NASL", "href": "https://www.tenable.com/plugins/nessus/54952", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54952);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n\n script_name(english:\"FreeBSD : Subversion -- multiple vulnerabilities (e27a1af3-8d21-11e0-a45d-001e8c75030d)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion team reports :\n\nSubversion's mod_dav_svn Apache HTTPD server module will dereference a\nNULL pointer if asked to deliver baselined WebDAV resources.\n\nThis can lead to a DoS. An exploit has been tested, and tools or users\nhave been observed triggering this problem in the wild.\n\nSubversion's mod_dav_svn Apache HTTPD server module may in certain\nscenarios enter a logic loop which does not exit and which allocates\nmemory in each iteration, ultimately exhausting all the available\nmemory on the server.\n\nThis can lead to a DoS. There are no known instances of this problem\nbeing observed in the wild, but an exploit has been tested.\n\nSubversion's mod_dav_svn Apache HTTPD server module may leak to remote\nusers the file contents of files configured to be unreadable by those\nusers.\n\nThere are no known instances of this problem being observed in the\nwild, but an exploit has been tested.\"\n );\n # https://vuxml.freebsd.org/freebsd/e27a1af3-8d21-11e0-a45d-001e8c75030d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92960a5d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion-freebsd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"subversion<1.6.17\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion-freebsd<1.6.17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:53:19", "description": "Multiple vulnerabilities were discovered and corrected in subversion :\n\nThe mod_dav_svn Apache HTTPD server module will dereference a NULL\npointer if asked to deliver baselined WebDAV resources which can lead\nto a DoS (Denial Of Service) (CVE-2011-1752).\n\nThe mod_dav_svn Apache HTTPD server module may in certain cenarios\nenter a logic loop which does not exit and which allocates emory in\neach iteration, ultimately exhausting all the available emory on the\nserver which can lead to a DoS (Denial Of Service) (CVE-2011-1783).\n\nThe mod_dav_svn Apache HTTPD server module may leak to remote users\nthe file contents of files configured to be unreadable by those users\n(CVE-2011-1921).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been upgraded to the 1.6.17 version which is\nnot vulnerable to these issues.", "edition": 25, "published": "2011-06-06T00:00:00", "title": "Mandriva Linux Security Advisory : subversion (MDVSA-2011:106)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2011-06-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:subversion", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:ruby-svn", "p-cpe:/a:mandriva:linux:apache-mod_dav_svn", "p-cpe:/a:mandriva:linux:subversion-doc", "p-cpe:/a:mandriva:linux:lib64svnjavahl1", "p-cpe:/a:mandriva:linux:subversion-devel", "p-cpe:/a:mandriva:linux:libsvnjavahl1", "p-cpe:/a:mandriva:linux:lib64svn-gnome-keyring0", "p-cpe:/a:mandriva:linux:lib64svn-kwallet0", "p-cpe:/a:mandriva:linux:subversion-tools", "p-cpe:/a:mandriva:linux:svn-javahl", "p-cpe:/a:mandriva:linux:libsvn-kwallet0", "p-cpe:/a:mandriva:linux:libsvn0", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:python-svn", "p-cpe:/a:mandriva:linux:libsvn-gnome-keyring0", "p-cpe:/a:mandriva:linux:perl-SVN", "p-cpe:/a:mandriva:linux:lib64svn0", "p-cpe:/a:mandriva:linux:apache-mod_dontdothat", "p-cpe:/a:mandriva:linux:subversion-server"], "id": "MANDRIVA_MDVSA-2011-106.NASL", "href": "https://www.tenable.com/plugins/nessus/54964", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:106. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54964);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"MDVSA\", value:\"2011:106\");\n\n script_name(english:\"Mandriva Linux Security Advisory : subversion (MDVSA-2011:106)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and corrected in subversion :\n\nThe mod_dav_svn Apache HTTPD server module will dereference a NULL\npointer if asked to deliver baselined WebDAV resources which can lead\nto a DoS (Denial Of Service) (CVE-2011-1752).\n\nThe mod_dav_svn Apache HTTPD server module may in certain cenarios\nenter a logic loop which does not exit and which allocates emory in\neach iteration, ultimately exhausting all the available emory on the\nserver which can lead to a DoS (Denial Of Service) (CVE-2011-1783).\n\nThe mod_dav_svn Apache HTTPD server module may leak to remote users\nthe file contents of files configured to be unreadable by those users\n(CVE-2011-1921).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been upgraded to the 1.6.17 version which is\nnot vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dontdothat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64svn-gnome-keyring0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64svn-kwallet0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64svn0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64svnjavahl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsvn-gnome-keyring0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsvn-kwallet0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsvn0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsvnjavahl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:subversion-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:svn-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_dav_svn-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_dontdothat-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64svn0-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64svnjavahl1-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsvn0-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libsvnjavahl1-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"perl-SVN-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-svn-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ruby-svn-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"subversion-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"subversion-devel-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"subversion-doc-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"subversion-server-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"subversion-tools-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"svn-javahl-1.6.17-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"apache-mod_dav_svn-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"apache-mod_dontdothat-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64svn-gnome-keyring0-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64svn-kwallet0-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64svn0-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64svnjavahl1-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsvn-gnome-keyring0-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsvn-kwallet0-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsvn0-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libsvnjavahl1-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"perl-SVN-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-svn-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"ruby-svn-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"subversion-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"subversion-devel-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"subversion-doc-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"subversion-server-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"subversion-tools-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"svn-javahl-1.6.17-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:35:05", "description": "Joe Schaefer discovered that the Subversion mod_dav_svn module for\nApache did not properly handle certain baselined WebDAV resource\nrequests. A remote attacker could use this flaw to cause the service\nto crash, leading to a denial of service. (CVE-2011-1752)\n\nIvan Zhakov discovered that the Subversion mod_dav_svn module for\nApache did not properly handle certain requests. A remote attacker\ncould use this flaw to cause the service to consume all available\nresources, leading to a denial of service. (CVE-2011-1783)\n\nKamesh Jayachandran discovered that the Subversion mod_dav_svn module\nfor Apache did not properly handle access control in certain\nsituations. A remote user could use this flaw to gain access to files\nthat would otherwise be unreadable. (CVE-2011-1921).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-06-13T00:00:00", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 : subversion vulnerabilities (USN-1144-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-svn", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10"], "id": "UBUNTU_USN-1144-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1144-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55107);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"USN\", value:\"1144-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 : subversion vulnerabilities (USN-1144-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Joe Schaefer discovered that the Subversion mod_dav_svn module for\nApache did not properly handle certain baselined WebDAV resource\nrequests. A remote attacker could use this flaw to cause the service\nto crash, leading to a denial of service. (CVE-2011-1752)\n\nIvan Zhakov discovered that the Subversion mod_dav_svn module for\nApache did not properly handle certain requests. A remote attacker\ncould use this flaw to cause the service to consume all available\nresources, leading to a denial of service. (CVE-2011-1783)\n\nKamesh Jayachandran discovered that the Subversion mod_dav_svn module\nfor Apache did not properly handle access control in certain\nsituations. A remote user could use this flaw to gain access to files\nthat would otherwise be unreadable. (CVE-2011-1921).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1144-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libapache2-svn package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-svn\", pkgver:\"1.6.6dfsg-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libapache2-svn\", pkgver:\"1.6.12dfsg-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libapache2-svn\", pkgver:\"1.6.12dfsg-4ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-svn\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:46:01", "description": "From Red Hat Security Advisory 2011:0862 :\n\nUpdated subversion packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for\nreporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : subversion (ELSA-2011-0862)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:subversion-kde", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:subversion-javahl", "p-cpe:/a:oracle:linux:subversion-ruby", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:subversion-perl", "p-cpe:/a:oracle:linux:subversion", "p-cpe:/a:oracle:linux:mod_dav_svn", "p-cpe:/a:oracle:linux:subversion-devel", "p-cpe:/a:oracle:linux:subversion-svn2cl", "p-cpe:/a:oracle:linux:subversion-gnome"], "id": "ORACLELINUX_ELSA-2011-0862.NASL", "href": "https://www.tenable.com/plugins/nessus/68291", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0862 and \n# Oracle Linux Security Advisory ELSA-2011-0862 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68291);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"RHSA\", value:\"2011:0862\");\n\n script_name(english:\"Oracle Linux 5 / 6 : subversion (ELSA-2011-0862)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0862 :\n\nUpdated subversion packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for\nreporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002180.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002181.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-svn2cl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"mod_dav_svn-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"subversion-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"subversion-devel-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"subversion-javahl-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"subversion-perl-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"subversion-ruby-1.6.11-7.el5_6.4\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"mod_dav_svn-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-devel-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-gnome-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-javahl-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-kde-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-perl-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-ruby-1.6.11-2.el6_1.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"subversion-svn2cl-1.6.11-2.el6_1.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / subversion / subversion-devel / subversion-gnome / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:27:03", "description": "Updated subversion packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for\nreporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.", "edition": 27, "published": "2011-06-09T00:00:00", "title": "CentOS 5 : subversion (CESA-2011:0862)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2011-06-09T00:00:00", "cpe": ["p-cpe:/a:centos:centos:subversion-devel", "p-cpe:/a:centos:centos:subversion-javahl", "p-cpe:/a:centos:centos:subversion-ruby", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:mod_dav_svn", "p-cpe:/a:centos:centos:subversion", "p-cpe:/a:centos:centos:subversion-perl"], "id": "CENTOS_RHSA-2011-0862.NASL", "href": "https://www.tenable.com/plugins/nessus/55001", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0862 and \n# CentOS Errata and Security Advisory 2011:0862 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55001);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"RHSA\", value:\"2011:0862\");\n\n script_name(english:\"CentOS 5 : subversion (CESA-2011:0862)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated subversion packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges. The mod_dav_svn module is used with the Apache HTTP Server to\nallow access to Subversion repositories via HTTP.\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nRed Hat would like to thank the Apache Subversion project for\nreporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nAll Subversion users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, you must restart the httpd daemon, if you are\nusing mod_dav_svn, for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-June/017613.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cb5731e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-June/017614.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af164cf0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"mod_dav_svn-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"subversion-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"subversion-devel-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"subversion-javahl-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"subversion-perl-1.6.11-7.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"subversion-ruby-1.6.11-7.el5_6.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / subversion / subversion-devel / subversion-javahl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:09:44", "description": "This update includes the latest release of Subversion, fixing three\nsecurity issues :\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nThe Fedora Project would like to thank the Apache Subversion project\nfor reporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nThe following bugs are also fixed in this release :\n\n - make 'blame -g' more efficient on with large mergeinfo\n\n - preserve log message with a non-zero editor exit\n\n - fix FSFS cache performance on 64-bit platforms\n\n - make svn cleanup tolerate obstructed directories\n\n - fix deadlock in multithreaded servers serving FSFS\n repositories\n\n - detect very occasional corruption and abort commit\n\n - fixed: file externals cause non-inheritable mergeinfo\n\n - fixed: file externals cause mixed-revision working\n copies\n\n - fixed: write-through proxy could direcly commit to\n slave\n\n - detect a particular corruption condition in FSFS\n\n - improve error message when clients refer to unkown\n revisions\n\n - bugfixes and optimizations to the DAV mirroring code\n\n - fixed: locked and deleted file causes tree conflict\n\n - fixed: update touches locked file with svn:keywords\n property\n\n - fix svnsync handling of directory copyfrom\n\n - fix 'log -g' excessive duplicate output\n\n - fix svnsync copyfrom handling bug with BDB\n\n - server-side validation of svn:mergeinfo syntax during\n commit\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2011-07-05T00:00:00", "title": "Fedora 14 : subversion-1.6.17-1.fc14 (2011-8341)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2011-07-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:subversion"], "id": "FEDORA_2011-8341.NASL", "href": "https://www.tenable.com/plugins/nessus/55496", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-8341.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55496);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_bugtraq_id(48091);\n script_xref(name:\"FEDORA\", value:\"2011-8341\");\n\n script_name(english:\"Fedora 14 : subversion-1.6.17-1.fc14 (2011-8341)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest release of Subversion, fixing three\nsecurity issues :\n\nAn infinite loop flaw was found in the way the mod_dav_svn module\nprocessed certain data sets. If the SVNPathAuthz directive was set to\n'short_circuit', and path-based access control for files and\ndirectories was enabled, a malicious, remote user could use this flaw\nto cause the httpd process serving the request to consume an excessive\namount of system memory. (CVE-2011-1783)\n\nA NULL pointer dereference flaw was found in the way the mod_dav_svn\nmodule processed requests submitted against the URL of a baselined\nresource. A malicious, remote user could use this flaw to cause the\nhttpd process serving the request to crash. (CVE-2011-1752)\n\nAn information disclosure flaw was found in the way the mod_dav_svn\nmodule processed certain URLs when path-based access control for files\nand directories was enabled. A malicious, remote user could possibly\nuse this flaw to access certain files in a repository that would\notherwise not be accessible to them. Note: This vulnerability cannot\nbe triggered if the SVNPathAuthz directive is set to 'short_circuit'.\n(CVE-2011-1921)\n\nThe Fedora Project would like to thank the Apache Subversion project\nfor reporting these issues. Upstream acknowledges Joe Schaefer of the\nApache Software Foundation as the original reporter of CVE-2011-1752;\nIvan Zhakov of VisualSVN as the original reporter of CVE-2011-1783;\nand Kamesh Jayachandran of CollabNet, Inc. as the original reporter of\nCVE-2011-1921.\n\nThe following bugs are also fixed in this release :\n\n - make 'blame -g' more efficient on with large mergeinfo\n\n - preserve log message with a non-zero editor exit\n\n - fix FSFS cache performance on 64-bit platforms\n\n - make svn cleanup tolerate obstructed directories\n\n - fix deadlock in multithreaded servers serving FSFS\n repositories\n\n - detect very occasional corruption and abort commit\n\n - fixed: file externals cause non-inheritable mergeinfo\n\n - fixed: file externals cause mixed-revision working\n copies\n\n - fixed: write-through proxy could direcly commit to\n slave\n\n - detect a particular corruption condition in FSFS\n\n - improve error message when clients refer to unkown\n revisions\n\n - bugfixes and optimizations to the DAV mirroring code\n\n - fixed: locked and deleted file causes tree conflict\n\n - fixed: update touches locked file with svn:keywords\n property\n\n - fix svnsync handling of directory copyfrom\n\n - fix 'log -g' excessive duplicate output\n\n - fix svnsync copyfrom handling bug with BDB\n\n - server-side validation of svn:mergeinfo syntax during\n commit\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=709952\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b397d08e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"subversion-1.6.17-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:08:56", "description": "Subversion was updated to version 1.6.17 to fix several security\nissues :\n\n - CVE-2011-1752: The mod_dav_svn Apache HTTPD server\n module can be crashed though when asked to deliver\n baselined WebDAV resources.\n\n - CVE-2011-1783: The mod_dav_svn Apache HTTPD server\n module can trigger a loop which consumes all available\n memory on the system.\n\n - CVE-2011-1921: The mod_dav_svn Apache HTTPD server\n module may leak to remote users the file contents of\n files configured to be unreadable by those users.", "edition": 24, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0695-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debuginfo"], "id": "SUSE_11_4_LIBSVN_AUTH_GNOME_KEYRING-1-0-110607.NASL", "href": "https://www.tenable.com/plugins/nessus/75923", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsvn_auth_gnome_keyring-1-0-4688.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75923);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n\n script_name(english:\"openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0695-1)\");\n script_summary(english:\"Check for the libsvn_auth_gnome_keyring-1-0-4688 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion was updated to version 1.6.17 to fix several security\nissues :\n\n - CVE-2011-1752: The mod_dav_svn Apache HTTPD server\n module can be crashed though when asked to deliver\n baselined WebDAV resources.\n\n - CVE-2011-1783: The mod_dav_svn Apache HTTPD server\n module can trigger a loop which consumes all available\n memory on the system.\n\n - CVE-2011-1921: The mod_dav_svn Apache HTTPD server\n module may leak to remote users the file contents of\n files configured to be unreadable by those users.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=698205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-06/msg00042.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsvn_auth_gnome_keyring-1-0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libsvn_auth_gnome_keyring-1-0-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libsvn_auth_kwallet-1-0-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-debugsource-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-devel-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-perl-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-perl-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-python-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-python-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-ruby-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-ruby-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-server-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-server-debuginfo-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-tools-1.6.17-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"subversion-tools-debuginfo-1.6.17-1.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2018-01-03T10:58:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Check for the Version of mod_dav_svn", "modified": "2018-01-03T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881360", "href": "http://plugins.openvas.org/nasl.php?oid=881360", "type": "openvas", "title": "CentOS Update for mod_dav_svn CESA-2011:0862 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mod_dav_svn CESA-2011:0862 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Subversion (SVN) is a concurrent version control system which enables one\n or more users to collaborate in developing and maintaining a hierarchy of\n files and directories while keeping a history of all changes. The\n mod_dav_svn module is used with the Apache HTTP Server to allow access to\n Subversion repositories via HTTP.\n\n An infinite loop flaw was found in the way the mod_dav_svn module processed\n certain data sets. If the SVNPathAuthz directive was set to\n "short_circuit", and path-based access control for files and directories\n was enabled, a malicious, remote user could use this flaw to cause the\n httpd process serving the request to consume an excessive amount of system\n memory. (CVE-2011-1783)\n \n A NULL pointer dereference flaw was found in the way the mod_dav_svn module\n processed requests submitted against the URL of a baselined resource. A\n malicious, remote user could use this flaw to cause the httpd process\n serving the request to crash. (CVE-2011-1752)\n \n An information disclosure flaw was found in the way the mod_dav_svn\n module processed certain URLs when path-based access control for files and\n directories was enabled. A malicious, remote user could possibly use this\n flaw to access certain files in a repository that would otherwise not be\n accessible to them. Note: This vulnerability cannot be triggered if the\n SVNPathAuthz directive is set to "short_circuit". (CVE-2011-1921)\n \n Red Hat would like to thank the Apache Subversion project for reporting\n these issues. Upstream acknowledges Joe Schaefer of the Apache Software\n Foundation as the original reporter of CVE-2011-1752; Ivan Zhakov of\n VisualSVN as the original reporter of CVE-2011-1783; and Kamesh\n Jayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.\n \n All Subversion users should upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, you must restart the httpd daemon, if you are using\n mod_dav_svn, for the update to take effect.\";\n\ntag_affected = \"mod_dav_svn on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-June/017613.html\");\n script_id(881360);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:35:26 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0862\");\n script_name(\"CentOS Update for mod_dav_svn CESA-2011:0862 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mod_dav_svn\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Check for the Version of subversion", "modified": "2017-07-12T00:00:00", "published": "2011-06-10T00:00:00", "id": "OPENVAS:870442", "href": "http://plugins.openvas.org/nasl.php?oid=870442", "type": "openvas", "title": "RedHat Update for subversion RHSA-2011:0862-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for subversion RHSA-2011:0862-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Subversion (SVN) is a concurrent version control system which enables one\n or more users to collaborate in developing and maintaining a hierarchy of\n files and directories while keeping a history of all changes. The\n mod_dav_svn module is used with the Apache HTTP Server to allow access to\n Subversion repositories via HTTP.\n\n An infinite loop flaw was found in the way the mod_dav_svn module processed\n certain data sets. If the SVNPathAuthz directive was set to\n "short_circuit", and path-based access control for files and directories\n was enabled, a malicious, remote user could use this flaw to cause the\n httpd process serving the request to consume an excessive amount of system\n memory. (CVE-2011-1783)\n \n A NULL pointer dereference flaw was found in the way the mod_dav_svn module\n processed requests submitted against the URL of a baselined resource. A\n malicious, remote user could use this flaw to cause the httpd process\n serving the request to crash. (CVE-2011-1752)\n \n An information disclosure flaw was found in the way the mod_dav_svn\n module processed certain URLs when path-based access control for files and\n directories was enabled. A malicious, remote user could possibly use this\n flaw to access certain files in a repository that would otherwise not be\n accessible to them. Note: This vulnerability cannot be triggered if the\n SVNPathAuthz directive is set to "short_circuit". (CVE-2011-1921)\n \n Red Hat would like to thank the Apache Subversion project for reporting\n these issues. Upstream acknowledges Joe Schaefer of the Apache Software\n Foundation as the original reporter of CVE-2011-1752; Ivan Zhakov of\n VisualSVN as the original reporter of CVE-2011-1783; and Kamesh\n Jayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.\n \n All Subversion users should upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, you must restart the httpd daemon, if you are using\n mod_dav_svn, for the update to take effect.\";\n\ntag_affected = \"subversion on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-June/msg00008.html\");\n script_id(870442);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-10 16:29:51 +0200 (Fri, 10 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0862-01\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_name(\"RedHat Update for subversion RHSA-2011:0862-01\");\n\n script_summary(\"Check for the Version of subversion\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-07-12T00:00:00", "id": "OPENVAS:1361412562310863295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863295", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2011-8352", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2011-8352\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863295\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-8352\");\n script_cve_id(\"CVE-2011-1783\", \"CVE-2011-1752\", \"CVE-2011-1921\");\n script_name(\"Fedora Update for subversion FEDORA-2011-8352\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"subversion on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.17~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2011-06-10T00:00:00", "id": "OPENVAS:1361412562310870442", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870442", "type": "openvas", "title": "RedHat Update for subversion RHSA-2011:0862-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for subversion RHSA-2011:0862-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-June/msg00008.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870442\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-10 16:29:51 +0200 (Fri, 10 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:0862-01\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_name(\"RedHat Update for subversion RHSA-2011:0862-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"subversion on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Subversion (SVN) is a concurrent version control system which enables one\n or more users to collaborate in developing and maintaining a hierarchy of\n files and directories while keeping a history of all changes. The\n mod_dav_svn module is used with the Apache HTTP Server to allow access to\n Subversion repositories via HTTP.\n\n An infinite loop flaw was found in the way the mod_dav_svn module processed\n certain data sets. If the SVNPathAuthz directive was set to\n 'short_circuit', and path-based access control for files and directories\n was enabled, a malicious, remote user could use this flaw to cause the\n httpd process serving the request to consume an excessive amount of system\n memory. (CVE-2011-1783)\n\n A NULL pointer dereference flaw was found in the way the mod_dav_svn module\n processed requests submitted against the URL of a baselined resource. A\n malicious, remote user could use this flaw to cause the httpd process\n serving the request to crash. (CVE-2011-1752)\n\n An information disclosure flaw was found in the way the mod_dav_svn\n module processed certain URLs when path-based access control for files and\n directories was enabled. A malicious, remote user could possibly use this\n flaw to access certain files in a repository that would otherwise not be\n accessible to them. Note: This vulnerability cannot be triggered if the\n SVNPathAuthz directive is set to 'short_circuit'. (CVE-2011-1921)\n\n Red Hat would like to thank the Apache Subversion project for reporting\n these issues. Upstream acknowledges Joe Schaefer of the Apache Software\n Foundation as the original reporter of CVE-2011-1752, Ivan Zhakov of\n VisualSVN as the original reporter of CVE-2011-1783, and Kamesh\n Jayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.\n\n All Subversion users should upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, you must restart the httpd daemon, if you are using\n mod_dav_svn, for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~7.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:27:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1144-1", "modified": "2017-12-01T00:00:00", "published": "2011-06-10T00:00:00", "id": "OPENVAS:840674", "href": "http://plugins.openvas.org/nasl.php?oid=840674", "type": "openvas", "title": "Ubuntu Update for subversion USN-1144-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1144_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for subversion USN-1144-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Joe Schaefer discovered that the Subversion mod_dav_svn module for Apache\n did not properly handle certain baselined WebDAV resource requests. A\n remote attacker could use this flaw to cause the service to crash, leading\n to a denial of service. (CVE-2011-1752)\n\n Ivan Zhakov discovered that the Subversion mod_dav_svn module for Apache\n did not properly handle certain requests. A remote attacker could use this\n flaw to cause the service to consume all available resources, leading to a\n denial of service. (CVE-2011-1783)\n \n Kamesh Jayachandran discovered that the Subversion mod_dav_svn module for\n Apache did not properly handle access control in certain situations. A\n remote user could use this flaw to gain access to files that would\n otherwise be unreadable. (CVE-2011-1921)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1144-1\";\ntag_affected = \"subversion on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1144-1/\");\n script_id(840674);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-10 16:29:51 +0200 (Fri, 10 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1144-1\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_name(\"Ubuntu Update for subversion USN-1144-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.12dfsg-1ubuntu1.3\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.6dfsg-2ubuntu1.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.12dfsg-4ubuntu2.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880528", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880528", "type": "openvas", "title": "CentOS Update for mod_dav_svn CESA-2011:0862 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mod_dav_svn CESA-2011:0862 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-June/017614.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880528\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0862\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_name(\"CentOS Update for mod_dav_svn CESA-2011:0862 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mod_dav_svn'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"mod_dav_svn on CentOS 5\");\n script_tag(name:\"insight\", value:\"Subversion (SVN) is a concurrent version control system which enables one\n or more users to collaborate in developing and maintaining a hierarchy of\n files and directories while keeping a history of all changes. The\n mod_dav_svn module is used with the Apache HTTP Server to allow access to\n Subversion repositories via HTTP.\n\n An infinite loop flaw was found in the way the mod_dav_svn module processed\n certain data sets. If the SVNPathAuthz directive was set to\n 'short_circuit', and path-based access control for files and directories\n was enabled, a malicious, remote user could use this flaw to cause the\n httpd process serving the request to consume an excessive amount of system\n memory. (CVE-2011-1783)\n\n A NULL pointer dereference flaw was found in the way the mod_dav_svn module\n processed requests submitted against the URL of a baselined resource. A\n malicious, remote user could use this flaw to cause the httpd process\n serving the request to crash. (CVE-2011-1752)\n\n An information disclosure flaw was found in the way the mod_dav_svn\n module processed certain URLs when path-based access control for files and\n directories was enabled. A malicious, remote user could possibly use this\n flaw to access certain files in a repository that would otherwise not be\n accessible to them. Note: This vulnerability cannot be triggered if the\n SVNPathAuthz directive is set to 'short_circuit'. (CVE-2011-1921)\n\n Red Hat would like to thank the Apache Subversion project for reporting\n these issues. Upstream acknowledges Joe Schaefer of the Apache Software\n Foundation as the original reporter of CVE-2011-1752, Ivan Zhakov of\n VisualSVN as the original reporter of CVE-2011-1783, and Kamesh\n Jayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.\n\n All Subversion users should upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, you must restart the httpd daemon, if you are using\n mod_dav_svn, for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~7.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Oracle Linux Local Security Checks ELSA-2011-0862", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122150", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0862", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0862.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122150\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:13:54 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0862\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0862 - subversion security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0862\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0862.html\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~7.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~7.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~7.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~7.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~7.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~7.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-gnome\", rpm:\"subversion-gnome~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-kde\", rpm:\"subversion-kde~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"subversion-svn2cl\", rpm:\"subversion-svn2cl~1.6.11~2.el6_1.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-07-08T00:00:00", "id": "OPENVAS:1361412562310863323", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863323", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2011-8341", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2011-8341\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863323\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-8341\");\n script_cve_id(\"CVE-2011-1783\", \"CVE-2011-1752\", \"CVE-2011-1921\");\n script_name(\"Fedora Update for subversion FEDORA-2011-8341\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"subversion on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.17~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1144-1", "modified": "2019-03-13T00:00:00", "published": "2011-06-10T00:00:00", "id": "OPENVAS:1361412562310840674", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840674", "type": "openvas", "title": "Ubuntu Update for subversion USN-1144-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1144_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for subversion USN-1144-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1144-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840674\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-10 16:29:51 +0200 (Fri, 10 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1144-1\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_name(\"Ubuntu Update for subversion USN-1144-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1144-1\");\n script_tag(name:\"affected\", value:\"subversion on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Joe Schaefer discovered that the Subversion mod_dav_svn module for Apache\n did not properly handle certain baselined WebDAV resource requests. A\n remote attacker could use this flaw to cause the service to crash, leading\n to a denial of service. (CVE-2011-1752)\n\n Ivan Zhakov discovered that the Subversion mod_dav_svn module for Apache\n did not properly handle certain requests. A remote attacker could use this\n flaw to cause the service to consume all available resources, leading to a\n denial of service. (CVE-2011-1783)\n\n Kamesh Jayachandran discovered that the Subversion mod_dav_svn module for\n Apache did not properly handle access control in certain situations. A\n remote user could use this flaw to gain access to files that would\n otherwise be unreadable. (CVE-2011-1921)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.12dfsg-1ubuntu1.3\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.6dfsg-2ubuntu1.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.12dfsg-4ubuntu2.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-11T17:53:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1783", "CVE-2011-1752", "CVE-2011-1921"], "description": "The remote host is missing an update for the ", "modified": "2020-06-09T00:00:00", "published": "2011-06-06T00:00:00", "id": "OPENVAS:1361412562310831415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831415", "type": "openvas", "title": "Mandriva Update for subversion MDVSA-2011:106 (subversion)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for subversion MDVSA-2011:106 (subversion)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-06/msg00002.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831415\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:106\");\n script_cve_id(\"CVE-2011-1752\", \"CVE-2011-1783\", \"CVE-2011-1921\");\n script_name(\"Mandriva Update for subversion MDVSA-2011:106 (subversion)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2009\\.0)\");\n script_tag(name:\"affected\", value:\"subversion on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were discovered and corrected in subversion:\n\n The mod_dav_svn Apache HTTPD server module will dereference a NULL\n pointer if asked to deliver baselined WebDAV resources which can lead\n to a DoS (Denial Of Service) (CVE-2011-1752).\n\n The mod_dav_svn Apache HTTPD server module may in certain scenarios\n enter a logic loop which does not exit and which allocates emory in\n each iteration, ultimately exhausting all the available emory on the\n server which can lead to a DoS (Denial Of Service) (CVE-2011-1783).\n\n The mod_dav_svn Apache HTTPD server module may leak to remote users\n the file contents of files configured to be unreadable by those users\n (CVE-2011-1921).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been upgraded to the 1.6.17 version which\n is not vulnerable to these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav_svn\", rpm:\"apache-mod_dav_svn~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dontdothat\", rpm:\"apache-mod_dontdothat~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvn0\", rpm:\"libsvn0~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvnjavahl1\", rpm:\"libsvnjavahl1~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-SVN\", rpm:\"perl-SVN~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-svn\", rpm:\"python-svn~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-svn\", rpm:\"ruby-svn~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-doc\", rpm:\"subversion-doc~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-server\", rpm:\"subversion-server~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"svn-javahl\", rpm:\"svn-javahl~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svn0\", rpm:\"lib64svn0~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svnjavahl1\", rpm:\"lib64svnjavahl1~1.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav_svn\", rpm:\"apache-mod_dav_svn~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dontdothat\", rpm:\"apache-mod_dontdothat~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvn0\", rpm:\"libsvn0~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvn-gnome-keyring0\", rpm:\"libsvn-gnome-keyring0~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvnjavahl1\", rpm:\"libsvnjavahl1~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvn-kwallet0\", rpm:\"libsvn-kwallet0~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-SVN\", rpm:\"perl-SVN~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-svn\", rpm:\"python-svn~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-svn\", rpm:\"ruby-svn~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-doc\", rpm:\"subversion-doc~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-server\", rpm:\"subversion-server~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"svn-javahl\", rpm:\"svn-javahl~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svn0\", rpm:\"lib64svn0~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svn-gnome-keyring0\", rpm:\"lib64svn-gnome-keyring0~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svnjavahl1\", rpm:\"lib64svnjavahl1~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svn-kwallet0\", rpm:\"lib64svn-kwallet0~1.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav_svn\", rpm:\"apache-mod_dav_svn~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dontdothat\", rpm:\"apache-mod_dontdothat~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvn0\", rpm:\"libsvn0~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsvnjavahl1\", rpm:\"libsvnjavahl1~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-SVN\", rpm:\"perl-SVN~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-svn\", rpm:\"python-svn~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-svn\", rpm:\"ruby-svn~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-doc\", rpm:\"subversion-doc~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-server\", rpm:\"subversion-server~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"svn-javahl\", rpm:\"svn-javahl~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svn0\", rpm:\"lib64svn0~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64svnjavahl1\", rpm:\"lib64svnjavahl1~1.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:07", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4644", "CVE-2010-4539", "CVE-2011-1783", "CVE-2013-4277", "CVE-2013-1884", "CVE-2011-1752", "CVE-2013-1849", "CVE-2013-1845", "CVE-2013-1846", "CVE-2011-1921", "CVE-2011-0715", "CVE-2013-1847", "CVE-2013-2088", "CVE-2013-4131", "CVE-2013-1968", "CVE-2013-2112"], "description": "### Background\n\nSubversion is a versioning system designed to be a replacement for CVS. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could cause a Denial of Service condition or obtain sensitive information. A local attacker could escalate his privileges to the user running svnserve. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Subversion users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/subversion-1.7.13\"", "edition": 1, "modified": "2013-09-23T00:00:00", "published": "2013-09-23T00:00:00", "id": "GLSA-201309-11", "href": "https://security.gentoo.org/glsa/201309-11", "type": "gentoo", "title": "Subversion: Multiple vulnerabilities", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}