CentOS Update for mod_dav_svn CESA-2011:0862 centos5 i386. Subversion (SVN) mod_dav_svn module security update
Reporter | Title | Published | Views | Family All 97 |
---|---|---|---|---|
![]() | [BSA-037] Security Update for subversion | 14 Jul 201100:02 | β | debian |
![]() | [SECURITY] [DSA 2251-1] subversion security update | 2 Jun 201109:48 | β | debian |
![]() | Fedora 15 : subversion-1.6.17-1.fc15 (2011-8352) | 24 Jun 201100:00 | β | nessus |
![]() | openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0695-1) | 13 Jun 201400:00 | β | nessus |
![]() | Debian DSA-2251-1 : subversion - several vulnerabilities | 10 Jun 201100:00 | β | nessus |
![]() | Mandriva Linux Security Advisory : subversion (MDVSA-2011:106) | 6 Jun 201100:00 | β | nessus |
![]() | Fedora 14 : subversion-1.6.17-1.fc14 (2011-8341) | 5 Jul 201100:00 | β | nessus |
![]() | Oracle Linux 5 / 6 : subversion (ELSA-2011-0862) | 12 Jul 201300:00 | β | nessus |
![]() | Scientific Linux Security Update : subversion on SL5.x, SL6.x i386/x86_64 | 1 Aug 201200:00 | β | nessus |
![]() | Ubuntu 10.04 LTS / 10.10 / 11.04 : subversion vulnerabilities (USN-1144-1) | 13 Jun 201100:00 | β | nessus |
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for mod_dav_svn CESA-2011:0862 centos5 i386
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Subversion (SVN) is a concurrent version control system which enables one
or more users to collaborate in developing and maintaining a hierarchy of
files and directories while keeping a history of all changes. The
mod_dav_svn module is used with the Apache HTTP Server to allow access to
Subversion repositories via HTTP.
An infinite loop flaw was found in the way the mod_dav_svn module processed
certain data sets. If the SVNPathAuthz directive was set to
"short_circuit", and path-based access control for files and directories
was enabled, a malicious, remote user could use this flaw to cause the
httpd process serving the request to consume an excessive amount of system
memory. (CVE-2011-1783)
A NULL pointer dereference flaw was found in the way the mod_dav_svn module
processed requests submitted against the URL of a baselined resource. A
malicious, remote user could use this flaw to cause the httpd process
serving the request to crash. (CVE-2011-1752)
An information disclosure flaw was found in the way the mod_dav_svn
module processed certain URLs when path-based access control for files and
directories was enabled. A malicious, remote user could possibly use this
flaw to access certain files in a repository that would otherwise not be
accessible to them. Note: This vulnerability cannot be triggered if the
SVNPathAuthz directive is set to "short_circuit". (CVE-2011-1921)
Red Hat would like to thank the Apache Subversion project for reporting
these issues. Upstream acknowledges Joe Schaefer of the Apache Software
Foundation as the original reporter of CVE-2011-1752; Ivan Zhakov of
VisualSVN as the original reporter of CVE-2011-1783; and Kamesh
Jayachandran of CollabNet, Inc. as the original reporter of CVE-2011-1921.
All Subversion users should upgrade to these updated packages, which
contain backported patches to correct these issues. After installing the
updated packages, you must restart the httpd daemon, if you are using
mod_dav_svn, for the update to take effect.";
tag_solution = "Please Install the Updated Packages.";
tag_affected = "mod_dav_svn on CentOS 5";
if(description)
{
script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2011-June/017614.html");
script_id(880528);
script_version("$Revision: 6653 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_xref(name: "CESA", value: "2011:0862");
script_cve_id("CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921");
script_name("CentOS Update for mod_dav_svn CESA-2011:0862 centos5 i386");
script_summary("Check for the Version of mod_dav_svn");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "CentOS5")
{
if ((res = isrpmvuln(pkg:"mod_dav_svn", rpm:"mod_dav_svn~1.6.11~7.el5_6.4", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion", rpm:"subversion~1.6.11~7.el5_6.4", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion-devel", rpm:"subversion-devel~1.6.11~7.el5_6.4", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion-javahl", rpm:"subversion-javahl~1.6.11~7.el5_6.4", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion-perl", rpm:"subversion-perl~1.6.11~7.el5_6.4", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion-ruby", rpm:"subversion-ruby~1.6.11~7.el5_6.4", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo