Vulners
Lucene search
CentOS Update for mod_dav_svn CESA-2011:0861 centos4 i386
🗓️ 18 Aug 2011 00:00:00Reported by Copyright (c) 2011 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 25 Views
| Reporter | Title | Published | Views | Family All 93 |
|---|---|---|---|---|
 | Security fix for the ALT Linux 5 package subversion version 1.6.17-alt1 | 20 Jul 201100:00 | – | altlinux |
| Security fix for the ALT Linux 5 package subversion version 1.6.17-alt0.M50P.1 | 25 Jul 201100:00 | – | altlinux |
 | Mac OS X 10.7 < 10.7.3 Multiple Vulnerabilities | 6 Feb 201200:00 | – | nessus |
| CentOS 4 : subversion (CESA-2011:0861) | 15 Aug 201100:00 | – | nessus |
| CentOS 5 : subversion (CESA-2011:0862) | 9 Jun 201100:00 | – | nessus |
| Debian DSA-2251-1 : subversion - several vulnerabilities | 10 Jun 201100:00 | – | nessus |
| Fedora 14 : subversion-1.6.17-1.fc14 (2011-8341) | 5 Jul 201100:00 | – | nessus |
| Fedora 15 : subversion-1.6.17-1.fc15 (2011-8352) | 24 Jun 201100:00 | – | nessus |
| FreeBSD : Subversion -- multiple vulnerabilities (e27a1af3-8d21-11e0-a45d-001e8c75030d) | 3 Jun 201100:00 | – | nessus |
| GLSA-201309-11 : Subversion: Multiple vulnerabilities | 24 Sep 201300:00 | – | nessus |
10
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for mod_dav_svn CESA-2011:0861 centos4 i386
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Subversion (SVN) is a concurrent version control system which enables one
or more users to collaborate in developing and maintaining a hierarchy of
files and directories while keeping a history of all changes. The
mod_dav_svn module is used with the Apache HTTP Server to allow access to
Subversion repositories via HTTP.
A NULL pointer dereference flaw was found in the way the mod_dav_svn module
processed requests submitted against the URL of a baselined resource. A
malicious, remote user could use this flaw to cause the httpd process
serving the request to crash. (CVE-2011-1752)
Red Hat would like to thank the Apache Subversion project for reporting
this issue. Upstream acknowledges Joe Schaefer of the Apache Software
Foundation as the original reporter.
All Subversion users should upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, you must restart the httpd daemon, if you are using
mod_dav_svn, for the update to take effect.";
tag_solution = "Please Install the Updated Packages.";
tag_affected = "mod_dav_svn on CentOS 4";
if(description)
{
script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2011-August/017675.html");
script_id(880961);
script_version("$Revision: 6653 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_xref(name: "CESA", value: "2011:0861");
script_cve_id("CVE-2011-1752");
script_name("CentOS Update for mod_dav_svn CESA-2011:0861 centos4 i386");
script_summary("Check for the Version of mod_dav_svn");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "CentOS4")
{
if ((res = isrpmvuln(pkg:"mod_dav_svn", rpm:"mod_dav_svn~1.1.4~4.el4_8", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion", rpm:"subversion~1.1.4~4.el4_8", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion-devel", rpm:"subversion-devel~1.1.4~4.el4_8", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"subversion-perl", rpm:"subversion-perl~1.1.4~4.el4_8", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
10 Jul 2017 00:00Current
6.9Medium risk
Vulners AI Score6.9
EPSS0.22709