Software: subversion 1.7.14
OS: Cobalt 7.9
CVE-ID: CVE-2014-3504
CVE-Crit: HIGH
CVE-DESC: The functions (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate in Serf 0.2.0 - 1.3.x through 1.3.7 incorrectly handle the NUL byte in the domain name in the subject common name. (CN) in the X.509 certificate, which allows intermediary attackers to spoof arbitrary SSL servers using a crafted certificate issued by a legitimate certificate authority.
CVE-STATUS: Default
CVE-REV: Default
CVE-ID: CVE-2014-3522
CVE-Crit: MEDIUM
CVE-DESC: Serf RA layer in Apache Subversion 1.4.0 to 1.7.x to 1.7.18 and 1.8.x to 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field in X.509. certificate that allows "attacker-in-the-middle" attackers to spoof servers using a crafted certificate.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-5343
CVE-Crit: HIGH
CVE-DESC: Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15 and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (Subversion server failure or memory consumption) and possibly execute arbitrary code via a skel-encoded request body that causes an out-of-range read and a heap-based buffer overflow.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-2167
CVE-Crit: MEDIUM
CVE-DESC: The canonicalize_username function in svnserve / cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass expected access restrictions using the area string is the prefix of the expected repository area string.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-2168
CVE-Crit: MEDIUM
CVE-DESC: The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (null pointer dereferencing and failure) via a crafted header in a (1) MOVE or (2) COPY request, including authorization checking.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-8734
CVE-Crit: MEDIUM
CVE-DESC: mod_dontdothat Apache Subversion module and HTTP clients 1.4.0 through 1.8.16 and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential expansion of an XML object. The attack can cause the target process to consume an excessive amount of CPU or memory resources.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-1000085
CVE-Crit: MEDIUM
CVE-DESC: The Subversion plugin connects to a user-specified Subversion repository as part of a form validation (e.g., to retrieve a list of tags). This feature improperly checked permissions, allowing any user with Item / Build permission (but not Item / Configure) to connect to any web or Subversion server and send credentials with a known ID, thereby possibly intercepting them. In addition, this feature did not require the use of POST requests, allowing the above to be done without directly accessing Jenkins via cross-site request forgery attacks.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-1000111
CVE-Crit: MEDIUM
CVE-DESC: A misauthorization vulnerability exists in the Jenkins Subversion plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of hosts and users.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-0203
CVE-Crit: HIGH
CVE-DESC: In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, the Subversion svnserve server process may terminate when the client sends certain protocol command sequences. This can cause server users to crash.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2020-2111
CVE-Crit: MEDIUM
CVE-DESC: The Jenkins Subversion 2.13.0 and earlier plugin does not display an error message to validate the form of the project repository base URL field, resulting in a persistent cross-site scripting vulnerability.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2020-2304
CVE-Crit: MEDIUM
CVE-DESC: Jenkins Subversion 2.13.1 plug-in Jenkins Subversion 2.13.1 and earlier versions do not configure their XML parser to prevent attacks against XML External Objects (XXE).
CVE-STATUS: Default
CVE-REV: default
{"id": "ROSA-SA-2021-1979", "vendorId": null, "type": "rosalinux", "bulletinFamily": "unix", "title": "Advisory ROSA-SA-2021-1979", "description": "Software: subversion 1.7.14\nOS: Cobalt 7.9\n\nCVE-ID: CVE-2014-3504\nCVE-Crit: HIGH\nCVE-DESC: The functions (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate in Serf 0.2.0 - 1.3.x through 1.3.7 incorrectly handle the NUL byte in the domain name in the subject common name. (CN) in the X.509 certificate, which allows intermediary attackers to spoof arbitrary SSL servers using a crafted certificate issued by a legitimate certificate authority. \nCVE-STATUS: Default\nCVE-REV: Default\n\nCVE-ID: CVE-2014-3522\nCVE-Crit: MEDIUM\nCVE-DESC: Serf RA layer in Apache Subversion 1.4.0 to 1.7.x to 1.7.18 and 1.8.x to 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field in X.509. certificate that allows \"attacker-in-the-middle\" attackers to spoof servers using a crafted certificate. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2015-5343\nCVE-Crit: HIGH\nCVE-DESC: Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15 and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (Subversion server failure or memory consumption) and possibly execute arbitrary code via a skel-encoded request body that causes an out-of-range read and a heap-based buffer overflow. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2016-2167\nCVE-Crit: MEDIUM\nCVE-DESC: The canonicalize_username function in svnserve / cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass expected access restrictions using the area string is the prefix of the expected repository area string. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2016-2168\nCVE-Crit: MEDIUM\nCVE-DESC: The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (null pointer dereferencing and failure) via a crafted header in a (1) MOVE or (2) COPY request, including authorization checking. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2016-8734\nCVE-Crit: MEDIUM\nCVE-DESC: mod_dontdothat Apache Subversion module and HTTP clients 1.4.0 through 1.8.16 and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential expansion of an XML object. The attack can cause the target process to consume an excessive amount of CPU or memory resources. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2017-1000085\nCVE-Crit: MEDIUM\nCVE-DESC: The Subversion plugin connects to a user-specified Subversion repository as part of a form validation (e.g., to retrieve a list of tags). This feature improperly checked permissions, allowing any user with Item / Build permission (but not Item / Configure) to connect to any web or Subversion server and send credentials with a known ID, thereby possibly intercepting them. In addition, this feature did not require the use of POST requests, allowing the above to be done without directly accessing Jenkins via cross-site request forgery attacks. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2018-1000111\nCVE-Crit: MEDIUM\nCVE-DESC: A misauthorization vulnerability exists in the Jenkins Subversion plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of hosts and users. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2019-0203\nCVE-Crit: HIGH\nCVE-DESC: In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, the Subversion svnserve server process may terminate when the client sends certain protocol command sequences. This can cause server users to crash. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2020-2111\nCVE-Crit: MEDIUM\nCVE-DESC: The Jenkins Subversion 2.13.0 and earlier plugin does not display an error message to validate the form of the project repository base URL field, resulting in a persistent cross-site scripting vulnerability. \nCVE-STATUS: default\nCVE-REV: default\n\nCVE-ID: CVE-2020-2304\nCVE-Crit: MEDIUM\nCVE-DESC: Jenkins Subversion 2.13.1 plug-in Jenkins Subversion 2.13.1 and earlier versions do not configure their XML parser to prevent attacks against XML External Objects (XXE). \nCVE-STATUS: Default\nCVE-REV: default\n", "published": "2021-07-02T18:11:52", "modified": "2021-07-02T18:11:52", "epss": [{"cve": "CVE-2014-3504", "epss": 0.00072, "percentile": 0.29671, "modified": "2023-09-06"}, {"cve": "CVE-2014-3522", "epss": 0.00171, "percentile": 0.53565, "modified": "2023-09-06"}, {"cve": "CVE-2015-5343", "epss": 0.94964, "percentile": 0.98991, "modified": "2023-08-30"}, {"cve": "CVE-2016-2167", "epss": 0.00134, "percentile": 0.47267, "modified": "2023-06-03"}, {"cve": "CVE-2016-2168", "epss": 0.08986, "percentile": 0.93695, "modified": "2023-06-03"}, {"cve": "CVE-2016-8734", "epss": 0.00452, "percentile": 0.71536, "modified": "2023-06-03"}, {"cve": "CVE-2017-1000085", "epss": 0.00064, "percentile": 0.2617, "modified": "2023-09-08"}, {"cve": "CVE-2018-1000111", "epss": 0.00084, "percentile": 0.34353, "modified": "2023-06-19"}, {"cve": "CVE-2019-0203", "epss": 0.00126, "percentile": 0.46334, "modified": "2023-07-15"}, {"cve": "CVE-2020-2111", "epss": 0.00054, "percentile": 0.19931, "modified": "2023-06-06"}, {"cve": "CVE-2020-2304", "epss": 0.00065, "percentile": 0.26629, "modified": "2023-06-06"}], "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "baseScore": 8.0}, "severity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 8.5, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 4.7}, "href": "https://abf.rosalinux.ru/advisories/ROSA-SA-2021-1979", "reporter": "ROSA LAB", "references": [], "cvelist": ["CVE-2014-3504", "CVE-2014-3522", "CVE-2015-5343", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-8734", "CVE-2017-1000085", "CVE-2018-1000111", "CVE-2019-0203", "CVE-2020-2111", "CVE-2020-2304"], "immutableFields": [], "lastseen": "2023-09-08T23:11:56", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:2512"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-0203"]}, {"type": "amazon", "idList": ["ALAS-2014-397", "ALAS-2014-413", "ALAS-2016-676", "ALAS-2016-709", "ALAS-2016-710", "ALAS-2017-794", "ALAS-2019-1317"]}, {"type": "archlinux", "idList": ["ASA-201606-6", "ASA-201908-10"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2016-0204"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:D21D51A50EB896BB75DB194B9CF9D65F", "CFOUNDRY:E8A73D202360CCE4A590BCA04560450A"]}, {"type": "cve", "idList": ["CVE-2014-3504", "CVE-2014-3522", "CVE-2015-5343", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-8734", "CVE-2017-1000085", "CVE-2018-1000111", "CVE-2019-0203", "CVE-2020-2111", "CVE-2020-2304"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1903-1:C00A6", "DEBIAN:DLA-448-1:46817", "DEBIAN:DSA-3424-1:19C68", "DEBIAN:DSA-3561-1:A2BC9", "DEBIAN:DSA-3561-1:D3809", "DEBIAN:DSA-3932-1:2FDE9", "DEBIAN:DSA-3932-1:A3186", "DEBIAN:DSA-4490-1:715F8", "DEBIAN:DSA-4490-1:D05C2"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-3504", "DEBIANCVE:CVE-2014-3522", "DEBIANCVE:CVE-2015-5343", "DEBIANCVE:CVE-2016-2167", "DEBIANCVE:CVE-2016-2168", "DEBIANCVE:CVE-2016-8734", "DEBIANCVE:CVE-2019-0203"]}, {"type": "fedora", "idList": ["FEDORA:1A4CA237F1", "FEDORA:2F69A604D2C9", "FEDORA:4499A605712E", "FEDORA:612B46093936", "FEDORA:6162D6076968", "FEDORA:89A8F601CFB9", "FEDORA:C829623572", "FEDORA:F2C4A6133CC5"]}, {"type": "freebsd", "idList": ["69048656-2187-11E4-802C-20CF30E32F6D", "83A418CC-2182-11E4-802C-20CF30E32F6D", "AC256985-B6A9-11E6-A3BF-206A8A720317", "C8174B63-0D3A-11E6-B06E-D43D7EED0CE2", "DAADEF86-A366-11E5-8B40-20CF30E32F6D"]}, {"type": "gentoo", "idList": ["GLSA-201610-05"]}, {"type": "github", "idList": ["GHSA-HRWC-PQFM-G6QF", "GHSA-VP5F-8JGW-J53C", "GHSA-W9GQ-8Q35-3JCC", "GHSA-X3PR-FCGM-WJGC"]}, {"type": "ics", "idList": ["ICSA-22-123-01"]}, {"type": "kaspersky", "idList": ["KLA10792", "KLA10808"]}, {"type": "mageia", "idList": ["MGASA-2014-0339", "MGASA-2014-0353", "MGASA-2015-0490", "MGASA-2016-0161", "MGASA-2017-0009", "MGASA-2019-0243"]}, {"type": "nessus", "idList": ["9068.PRM", "9395.PRM", "ALA_ALAS-2014-397.NASL", "ALA_ALAS-2014-413.NASL", "ALA_ALAS-2016-676.NASL", "ALA_ALAS-2016-709.NASL", "ALA_ALAS-2016-710.NASL", "ALA_ALAS-2017-794.NASL", "ALA_ALAS-2019-1317.NASL", "DEBIAN_DLA-1903.NASL", "DEBIAN_DLA-448.NASL", "DEBIAN_DSA-3424.NASL", "DEBIAN_DSA-3561.NASL", "DEBIAN_DSA-3932.NASL", "DEBIAN_DSA-4490.NASL", "EULEROS_SA-2019-2504.NASL", "EULEROS_SA-2019-2550.NASL", "EULEROS_SA-2019-2669.NASL", "EULEROS_SA-2020-1513.NASL", "FEDORA_2014-9367.NASL", "FEDORA_2014-9636.NASL", "FEDORA_2015-6EFA349A85.NASL", "FEDORA_2015-AFDB0E8AAA.NASL", "FEDORA_2016-20CC04AC50.NASL", "FEDORA_2016-E024B3E02B.NASL", "FEDORA_2017-C629F16F6C.NASL", "FEDORA_2019-F6BC68E455.NASL", "FREEBSD_PKG_69048656218711E4802C20CF30E32F6D.NASL", "FREEBSD_PKG_83A418CC218211E4802C20CF30E32F6D.NASL", "FREEBSD_PKG_AC256985B6A911E6A3BF206A8A720317.NASL", "FREEBSD_PKG_C8174B630D3A11E6B06ED43D7EED0CE2.NASL", "FREEBSD_PKG_DAADEF86A36611E58B4020CF30E32F6D.NASL", "GENTOO_GLSA-201610-05.NASL", "MACOSX_XCODE_6_2.NASL", "MANDRIVA_MDVSA-2014-166.NASL", "MANDRIVA_MDVSA-2015-085.NASL", "MANDRIVA_MDVSA-2015-127.NASL", "OPENSUSE-2014-511.NASL", "OPENSUSE-2015-948.NASL", "OPENSUSE-2015-949.NASL", "OPENSUSE-2016-1435.NASL", "OPENSUSE-2016-570.NASL", "OPENSUSE-2016-571.NASL", "OPENSUSE-2019-1910.NASL", "ORACLELINUX_ELSA-2019-2512.NASL", "PHOTONOS_PHSA-2016-0013.NASL", "PHOTONOS_PHSA-2016-0013_SUBVERSION.NASL", "PHOTONOS_PHSA-2017-1_0-0093.NASL", "PHOTONOS_PHSA-2017-1_0-0093_SUBVERSION.NASL", "PHOTONOS_PHSA-2019-2_0-0182_SUBVERSION.NASL", "PHOTONOS_PHSA-2019-3_0-0035_SUBVERSION.NASL", "REDHAT-RHSA-2019-2512.NASL", "REDHAT-RHSA-2020-2478.NASL", "REDHAT-RHSA-2020-2737.NASL", "REDHAT-RHSA-2020-3616.NASL", "REDHAT-RHSA-2021-0034.NASL", "REDHAT-RHSA-2021-0038.NASL", "REDHAT-RHSA-2021-0282.NASL", "REDHAT-RHSA-2021-0637.NASL", "SLACKWARE_SSA_2016-097-01.NASL", "SLACKWARE_SSA_2016-121-01.NASL", "SUBVERSION_1_12_1.NASL", "SUBVERSION_1_8_10.NASL", "SUSE_SU-2019-2031-1.NASL", "UBUNTU_USN-2315-1.NASL", "UBUNTU_USN-2316-1.NASL", "UBUNTU_USN-3388-1.NASL", "UBUNTU_USN-4082-1.NASL", "UBUNTU_USN-5445-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120082", "OPENVAS:1361412562310120243", "OPENVAS:1361412562310120666", "OPENVAS:1361412562310120698", "OPENVAS:1361412562310120699", "OPENVAS:1361412562310131291", "OPENVAS:1361412562310703424", "OPENVAS:1361412562310703561", "OPENVAS:1361412562310703932", "OPENVAS:1361412562310704490", "OPENVAS:1361412562310806858", "OPENVAS:1361412562310807425", "OPENVAS:1361412562310807684", "OPENVAS:1361412562310808025", "OPENVAS:1361412562310808106", "OPENVAS:1361412562310808373", "OPENVAS:1361412562310841931", "OPENVAS:1361412562310841932", "OPENVAS:1361412562310843282", "OPENVAS:1361412562310844117", "OPENVAS:1361412562310852658", "OPENVAS:1361412562310868118", "OPENVAS:1361412562310868142", "OPENVAS:1361412562310872237", "OPENVAS:1361412562310876636", "OPENVAS:1361412562310891903", "OPENVAS:1361412562311220192504", "OPENVAS:1361412562311220192550", "OPENVAS:1361412562311220192669", "OPENVAS:1361412562311220201513", "OPENVAS:703424", "OPENVAS:703561"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2020"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2512"]}, {"type": "osv", "idList": ["OSV:DLA-1903-1", "OSV:DLA-448-1", "OSV:DSA-3424-1", "OSV:DSA-3561-1", "OSV:DSA-3932-1", "OSV:DSA-4490-1", "OSV:GHSA-HRWC-PQFM-G6QF", "OSV:GHSA-VP5F-8JGW-J53C", "OSV:GHSA-W9GQ-8Q35-3JCC", "OSV:GHSA-X3PR-FCGM-WJGC"]}, {"type": "photon", "idList": ["PHSA-2016-0013", "PHSA-2017-0093", "PHSA-2017-1.0-0093", "PHSA-2019-0035", "PHSA-2019-0182", "PHSA-2019-0254", "PHSA-2019-1.0-0254", "PHSA-2019-2.0-0182", "PHSA-2019-3.0-0035"]}, {"type": "redhat", "idList": ["RHSA-2019:2512", "RHSA-2020:2478", "RHSA-2020:2737", "RHSA-2020:3616", "RHSA-2021:0034", "RHSA-2021:0037", "RHSA-2021:0038", "RHSA-2021:0039", "RHSA-2021:0281", "RHSA-2021:0282", "RHSA-2021:0637", "RHSA-2021:0719"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-8734", "RH:CVE-2017-1000085", "RH:CVE-2018-1000111", "RH:CVE-2019-0203", "RH:CVE-2020-2111", "RH:CVE-2020-2304"]}, {"type": "rocky", "idList": ["RLSA-2019:2512"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31046", "SECURITYVULNS:DOC:31047", "SECURITYVULNS:VULN:13937", "SECURITYVULNS:VULN:13938", "SECURITYVULNS:VULN:14026"]}, {"type": "slackware", "idList": ["SSA-2016-097-01", "SSA-2016-121-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1910-1", "SUSE-SU-2017:2163-1", "SUSE-SU-2017:2200-1"]}, {"type": "ubuntu", "idList": ["USN-2315-1", "USN-2316-1", "USN-3388-1", "USN-3388-2", "USN-4082-1", "USN-4082-2", "USN-5445-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-3504", "UB:CVE-2014-3522", "UB:CVE-2015-5343", "UB:CVE-2016-2167", "UB:CVE-2016-2168", "UB:CVE-2016-8734", "UB:CVE-2019-0203"]}, {"type": "veracode", "idList": ["VERACODE:17682", "VERACODE:25714", "VERACODE:26877", "VERACODE:28231", "VERACODE:29080", "VERACODE:5912"]}]}, "epss": [{"cve": "CVE-2014-3504", "epss": 0.00072, "percentile": 0.29272, "modified": "2023-04-21"}, {"cve": "CVE-2014-3522", "epss": 0.00171, "percentile": 0.52679, "modified": "2023-04-21"}, {"cve": "CVE-2015-5343", "epss": 0.95494, "percentile": 0.98991, "modified": "2023-04-21"}, {"cve": "CVE-2016-2167", "epss": 0.00134, "percentile": 0.47065, "modified": "2023-04-21"}, {"cve": "CVE-2016-2168", "epss": 0.06456, "percentile": 0.9261, "modified": "2023-04-21"}, {"cve": "CVE-2016-8734", "epss": 0.00452, "percentile": 0.71405, "modified": "2023-04-21"}, {"cve": "CVE-2017-1000085", "epss": 0.00064, "percentile": 0.25964, "modified": "2023-04-21"}, {"cve": "CVE-2018-1000111", "epss": 0.00084, "percentile": 0.34159, "modified": "2023-04-21"}, {"cve": "CVE-2019-0203", "epss": 0.00126, "percentile": 0.45751, "modified": "2023-04-21"}, {"cve": "CVE-2020-2111", "epss": 0.00054, "percentile": 0.19958, "modified": "2023-04-21"}, {"cve": "CVE-2020-2304", "epss": 0.00065, "percentile": 0.26521, "modified": "2023-04-21"}], "score": {"value": 8.3, "vector": "NONE"}, "vulnersScore": 8.3}, "_state": {"dependencies": 1694215160, "score": 1694215447, "epss": 0}, "_internal": {"score_hash": "2d2b1b9d7bfe3b0253df6eb9f48b7147"}, "affectedPackage": [{"OS": "Cobalt", "OSVersion": "any", "arch": "noarch", "packageVersion": "1.7.14", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "subversion"}]}
{"openvas": [{"lastseen": "2020-01-27T18:37:05", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167", "CVE-2015-5343", "CVE-2016-8734"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192550", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192550", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2550\");\n script_version(\"2020-01-23T13:05:11+0000\");\n script_cve_id(\"CVE-2015-5343\", \"CVE-2016-2167\", \"CVE-2016-2168\", \"CVE-2016-8734\");\n script_tag(name:\"cvss_base\", value:\"8.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:05:11 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:05:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2550)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2550\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2550\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'subversion' package(s) announced via the EulerOS-SA-2019-2550 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.(CVE-2015-5343)\n\nThe canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.(CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.(CVE-2016-2168)\n\nApache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.(CVE-2016-8734)\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.7.14~14.h1.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.7.14~14.h1.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.7.14~14.h1.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2020-01-27T18:39:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2669)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167", "CVE-2015-5343", "CVE-2016-8734"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192669", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192669", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2669\");\n script_version(\"2020-01-23T13:13:16+0000\");\n script_cve_id(\"CVE-2015-5343\", \"CVE-2016-2167\", \"CVE-2016-2168\", \"CVE-2016-8734\");\n script_tag(name:\"cvss_base\", value:\"8.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:13:16 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:13:16 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2669)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2669\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2669\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'subversion' package(s) announced via the EulerOS-SA-2019-2669 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.(CVE-2016-8734)\n\nInteger overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.(CVE-2015-5343)\n\nThe canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.(CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.(CVE-2016-2168)\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.7.14~11.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.7.14~11.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.7.14~11.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2504)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167", "CVE-2015-5343", "CVE-2016-8734"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192504", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192504", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2504\");\n script_version(\"2020-01-23T13:01:56+0000\");\n script_cve_id(\"CVE-2015-5343\", \"CVE-2016-2167\", \"CVE-2016-2168\", \"CVE-2016-8734\");\n script_tag(name:\"cvss_base\", value:\"8.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:01:56 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:01:56 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2504)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2504\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2504\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'subversion' package(s) announced via the EulerOS-SA-2019-2504 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.(CVE-2016-8734)\n\nInteger overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.(CVE-2015-5343)\n\nThe canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.(CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.(CVE-2016-2168)\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.7.14~11.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.7.14~11.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.7.14~11.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2019-05-29T18:35:28", "description": "Mageia Linux Local Security Checks mgasa-2016-0161", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0161", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131291", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131291", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0161.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131291\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-05-09 14:17:54 +0300 (Mon, 09 May 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0161\");\n script_tag(name:\"insight\", value:\"Updated subversion packages fix security vulnerabilities: Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially allowing a user to authenticate using the wrong realm (CVE-2016-2167). Ivan Zhakov of VisualSVN discovered a remotely triggerable denial of service vulnerability in the mod_authz_svn module during COPY or MOVE authorization check. An authenticated remote attacker could take advantage of this flaw to cause a denial of service (Subversion server crash) via COPY or MOVE requests with specially crafted header (CVE-2016-2168).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0161.html\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0161\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.16~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-11T00:00:00", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2016-20", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808025", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808025", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2016-20\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808025\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-11 05:22:45 +0200 (Wed, 11 May 2016)\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for subversion FEDORA-2016-20\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"subversion on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-20\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.9.4~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2017-07-24T12:55:17", "description": "Several vulnerabilities were discovered\nin Subversion, a version control system. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2016-2167 \nDaniel Shahaf and James McCoy discovered that an implementation\nerror in the authentication against the Cyrus SASL library would\npermit a remote user to specify a realm string which is a prefix of\nthe expected realm string and potentially allowing a user to\nauthenticate using the wrong realm.\n\nCVE-2016-2168 \nIvan Zhakov of VisualSVN discovered a remotely triggerable denial\nof service vulnerability in the mod_authz_svn module during COPY or\nMOVE authorization check. An authenticated remote attacker could\ntake advantage of this flaw to cause a denial of service\n(Subversion server crash) via COPY or MOVE requests with specially\ncrafted header.", "cvss3": {}, "published": "2016-04-29T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3561-1 (subversion - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703561", "href": "http://plugins.openvas.org/nasl.php?oid=703561", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3561.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3561-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703561);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_name(\"Debian Security Advisory DSA 3561-1 (subversion - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-04-29 00:00:00 +0200 (Fri, 29 Apr 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3561.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"subversion on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Subversion, also known as svn,\nis a centralised version control system. Version control systems allow many\nindividuals (who may be distributed geographically) to collaborate on a set of\nfiles (source code, websites, etc). Subversion began with a CVS paradigm and\nsupports all the major features of CVS, but has evolved to support\nmany features that CVS users often wish they had.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 1.8.10-6+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.4-1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin Subversion, a version control system. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2016-2167 \nDaniel Shahaf and James McCoy discovered that an implementation\nerror in the authentication against the Cyrus SASL library would\npermit a remote user to specify a realm string which is a prefix of\nthe expected realm string and potentially allowing a user to\nauthenticate using the wrong realm.\n\nCVE-2016-2168 \nIvan Zhakov of VisualSVN discovered a remotely triggerable denial\nof service vulnerability in the mod_authz_svn module during COPY or\nMOVE authorization check. An authenticated remote attacker could\ntake advantage of this flaw to cause a denial of service\n(Subversion server crash) via COPY or MOVE requests with specially\ncrafted header.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-svn:amd64\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-svn:i386\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-17T22:56:51", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-10-26T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-709)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120698", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120698\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-10-26 15:38:11 +0300 (Wed, 26 Oct 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-709)\");\n script_tag(name:\"insight\", value:\"The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. (CVE-2016-2167 )The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. (CVE-2016-2168 )\");\n script_tag(name:\"solution\", value:\"Run yum update subversion to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-709.html\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-python26\", rpm:\"subversion-python26~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"svn\", rpm:\"svn~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-python27\", rpm:\"subversion-python27~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.9.4~2.54.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-03-17T22:56:33", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-10-26T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-710)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120699", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120699", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120699\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-10-26 15:38:11 +0300 (Wed, 26 Oct 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-710)\");\n script_tag(name:\"insight\", value:\"The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. (CVE-2016-2167 )The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. (CVE-2016-2168 )\");\n script_tag(name:\"solution\", value:\"Run yum update mod_dav_svn to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-710.html\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"svn-debuginfo\", rpm:\"svn-debuginfo~1.9.4~2.52.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"svn\", rpm:\"svn~1.9.4~2.52.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:28", "description": "This host is installed with Apache Subversion\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-05-18T00:00:00", "type": "openvas", "title": "Apache Subversion Multiple Vulnerabilities-02 May16", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2018-10-18T00:00:00", "id": "OPENVAS:1361412562310808106", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808106", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_subversion_mult_vuln02_may16.nasl 11969 2018-10-18 14:53:42Z asteins $\n#\n# Apache Subversion Multiple Vulnerabilities-02 May16\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:subversion\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808106\");\n script_version(\"$Revision: 11969 $\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 16:53:42 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-18 09:39:48 +0530 (Wed, 18 May 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Apache Subversion Multiple Vulnerabilities-02 May16\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Subversion\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to\n\n - A flaw that will cause a null pointer dereference and a segmentation fault\n with certain invalid request headers in server module 'mod_authz_svn'.\n\n - An error in the canonicalize_username function in svnserve/cyrus_auth.c,\n when Cyrus SASL authentication is used.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attacker to cause a denial of service and to authenticate and bypass intended\n access restrictions.\");\n\n script_tag(name:\"affected\", value:\"Apache subversion version before 1.8.16 and\n 1.9.x before 1.9.4.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache subversion version 1.8.16,\n or 1.9.4, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://subversion.apache.org/security/CVE-2016-2167-advisory.txt\");\n script_xref(name:\"URL\", value:\"http://subversion.apache.org/security/CVE-2016-2168-advisory.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_subversion_remote_detect.nasl\");\n script_mandatory_keys(\"Subversion/installed\");\n script_require_ports(\"Services/www\", 3690);\n script_xref(name:\"URL\", value:\"https://subversion.apache.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!sub_port = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!subver = get_app_version(cpe:CPE, port:sub_port)){\n exit(0);\n}\n\nif(version_in_range(version:subver, test_version:\"1.9.0\", test_version2:\"1.9.3\"))\n{\n fix = \"1.9.4\";\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:subver, test_version:\"1.0.0\", test_version2:\"1.8.15\"))\n{\n fix = \"1.8.16\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:subver, fixed_version:fix);\n security_message(data:report, port:sub_port);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-06-08T00:00:00", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2016-e024b3e02b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808373", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2016-e024b3e02b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808373\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-08 15:47:02 +0200 (Wed, 08 Jun 2016)\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for subversion FEDORA-2016-e024b3e02b\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"subversion on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-e024b3e02b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KU6GUCBJZFZBNPS32NSO2WQIDNCHGC56\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.9.4~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:05", "description": "Several vulnerabilities were discovered\nin Subversion, a version control system. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2016-2167\nDaniel Shahaf and James McCoy discovered that an implementation\nerror in the authentication against the Cyrus SASL library would\npermit a remote user to specify a realm string which is a prefix of\nthe expected realm string and potentially allowing a user to\nauthenticate using the wrong realm.\n\nCVE-2016-2168\nIvan Zhakov of VisualSVN discovered a remotely triggerable denial\nof service vulnerability in the mod_authz_svn module during COPY or\nMOVE authorization check. An authenticated remote attacker could\ntake advantage of this flaw to cause a denial of service\n(Subversion server crash) via COPY or MOVE requests with specially\ncrafted header.", "cvss3": {}, "published": "2016-04-29T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3561-1 (subversion - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703561", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703561", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3561.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3561-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703561\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_name(\"Debian Security Advisory DSA 3561-1 (subversion - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-29 00:00:00 +0200 (Fri, 29 Apr 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3561.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"subversion on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 1.8.10-6+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.4-1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin Subversion, a version control system. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2016-2167\nDaniel Shahaf and James McCoy discovered that an implementation\nerror in the authentication against the Cyrus SASL library would\npermit a remote user to specify a realm string which is a prefix of\nthe expected realm string and potentially allowing a user to\nauthenticate using the wrong realm.\n\nCVE-2016-2168\nIvan Zhakov of VisualSVN discovered a remotely triggerable denial\nof service vulnerability in the mod_authz_svn module during COPY or\nMOVE authorization check. An authenticated remote attacker could\ntake advantage of this flaw to cause a denial of service\n(Subversion server crash) via COPY or MOVE requests with specially\ncrafted header.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-svn:amd64\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-svn:i386\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:34:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for subversion USN-3388-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-8734", "CVE-2017-9800"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3388_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for subversion USN-3388-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843282\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-12 07:29:58 +0200 (Sat, 12 Aug 2017)\");\n script_cve_id(\"CVE-2017-9800\", \"CVE-2016-2167\", \"CVE-2016-8734\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for subversion USN-3388-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Joern Schneeweisz discovered that Subversion\n did not properly handle host names in 'svn+<A HREF='ssh://'>ssh://</A>' URLs. A\n remote attacker could use this to construct a subversion repository that when\n accessed could run arbitrary code with the privileges of the user.\n (CVE-2017-9800) Daniel Shahaf and James McCoy discovered that Subversion did not\n properly verify realms when using Cyrus SASL authentication. A remote attacker\n could use this to possibly bypass intended access restrictions. This issue only\n affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2167) Florian Weimer\n discovered that Subversion clients did not properly restrict XML entity\n expansion when accessing http(s):// URLs. A remote attacker could use this to\n cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu\n 16.04 LTS. (CVE-2016-8734)\");\n script_tag(name:\"affected\", value:\"subversion on Ubuntu 17.04,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3388-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3388-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.04|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.8-1ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.8-1ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.8.8-1ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.8-1ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.8-1ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.9.5-1ubuntu1.1\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.9.5-1ubuntu1.1\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.9.5-1ubuntu1.1\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.9.3-2ubuntu1.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.9.3-2ubuntu1.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.9.3-2ubuntu1.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.9.3-2ubuntu1.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.9.3-2ubuntu1.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for serf USN-2315-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841932", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841932", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2315_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for serf USN-2315-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841932\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-15 05:56:43 +0200 (Fri, 15 Aug 2014)\");\n script_cve_id(\"CVE-2014-3504\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_name(\"Ubuntu Update for serf USN-2315-1\");\n\n script_tag(name:\"affected\", value:\"serf on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Ben Reser discovered that serf did not correctly handle SSL\ncertificates with NUL bytes in the CommonName or SubjectAltNames fields. A\nremote attacker could exploit this to perform a man in the middle attack to\nview sensitive information or alter encrypted communications.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2315-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2315-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'serf'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libserf-1-1:i386\", ver:\"1.3.3-1ubuntu0.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libserf1\", ver:\"1.0.0-2ubuntu0.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:42", "description": "Ivan Zhakov discovered an integer\noverflow in mod_dav_svn, which allows an attacker with write access to the\nserver to execute arbitrary code or cause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.", "cvss3": {}, "published": "2015-12-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3424-1 (subversion - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703424", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703424", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3424.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3424-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703424\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-5343\");\n script_name(\"Debian Security Advisory DSA 3424-1 (subversion - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-16 00:00:00 +0100 (Wed, 16 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"8.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3424.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"subversion on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 1.8.10-6+deb8u2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.9.3-1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name:\"summary\", value:\"Ivan Zhakov discovered an integer\noverflow in mod_dav_svn, which allows an attacker with write access to the\nserver to execute arbitrary code or cause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-svn:amd64\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-svn:i386\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2017-07-24T12:53:55", "description": "Ivan Zhakov discovered an integer\noverflow in mod_dav_svn, which allows an attacker with write access to the\nserver to execute arbitrary code or cause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.", "cvss3": {}, "published": "2015-12-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3424-1 (subversion - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703424", "href": "http://plugins.openvas.org/nasl.php?oid=703424", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3424.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3424-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703424);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-5343\");\n script_name(\"Debian Security Advisory DSA 3424-1 (subversion - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-12-16 00:00:00 +0100 (Wed, 16 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"8.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3424.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"subversion on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Subversion, also known as svn,\nis a centralised version control system. Version control systems allow many\nindividuals (who may be distributed geographically) to collaborate on a set of\nfiles (source code, websites, etc). Subversion began with a CVS paradigm and\nsupports all the major features of CVS, but has evolved to support\nmany features that CVS users often wish they had.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 1.8.10-6+deb8u2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.9.3-1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name: \"summary\", value: \"Ivan Zhakov discovered an integer\noverflow in mod_dav_svn, which allows an attacker with write access to the\nserver to execute arbitrary code or cause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1:amd64\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-svn:amd64\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-svn:i386\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:34:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-10T00:00:00", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2017-c629f16f6c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872237", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872237", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2017-c629f16f6c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872237\");\n script_version(\"$Revision: 14225 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 15:32:03 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-10 05:52:17 +0100 (Tue, 10 Jan 2017)\");\n script_cve_id(\"CVE-2016-8734\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for subversion FEDORA-2017-c629f16f6c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"subversion on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-c629f16f6c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2SWPD4GI3BJOKUQA6XOPBR4LVLJPTMY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.9.5~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:14", "description": "This host is installed with Apache Subversion\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-05-02T00:00:00", "type": "openvas", "title": "Apache Subversion Multiple Vulnerabilities May-16", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2018-10-18T00:00:00", "id": "OPENVAS:1361412562310807684", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807684", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_subversion_mult_vuln_may16.nasl 11969 2018-10-18 14:53:42Z asteins $\n#\n# Apache Subversion Multiple Vulnerabilities May-16\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:subversion\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807684\");\n script_version(\"$Revision: 11969 $\");\n script_cve_id(\"CVE-2015-5343\");\n script_tag(name:\"cvss_base\", value:\"8.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 16:53:42 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-02 15:57:20 +0530 (Mon, 02 May 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Apache Subversion Multiple Vulnerabilities May-16\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Subversion\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to an integer\n overflow in 'util.c' script in mod_dav_svn when parsing skel-encoded request\n bodies.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attacker to cause a denial of service and to possibly execute arbitrary code\n under the context of the httpd process.\");\n\n script_tag(name:\"affected\", value:\"Apache subversion version 1.7.0 to 1.8.14,\n and 1.9.0 through 1.9.2\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache subversion version 1.8.15,\n or 1.9.3, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://subversion.apache.org/security/CVE-2015-5343-advisory.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_subversion_remote_detect.nasl\");\n script_mandatory_keys(\"Subversion/installed\");\n script_require_ports(\"Services/www\", 3690);\n script_xref(name:\"URL\", value:\"https://subversion.apache.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!sub_port = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!subver = get_app_version(cpe:CPE, port:sub_port)){\n exit(0);\n}\n\nif(version_in_range(version:subver, test_version:\"1.9.0\", test_version2:\"1.9.2\"))\n{\n fix = \"1.9.3\";\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:subver, test_version:\"1.7.0\", test_version2:\"1.8.14\"))\n{\n fix = \"1.8.15\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:subver, fixed_version:fix);\n security_message(data:report, port:sub_port);\n exit(0);\n}\n", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2019-05-29T18:37:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-23T00:00:00", "type": "openvas", "title": "Fedora Update for libserf FEDORA-2014-9367", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868118", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868118", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libserf FEDORA-2014-9367\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868118\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-23 05:55:34 +0200 (Sat, 23 Aug 2014)\");\n script_cve_id(\"CVE-2014-3504\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for libserf FEDORA-2014-9367\");\n script_tag(name:\"affected\", value:\"libserf on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9367\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136944.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libserf'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"libserf\", rpm:\"libserf~1.3.7~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-03-17T23:00:30", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-397)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120243", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120243", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120243\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:21:15 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-397)\");\n script_tag(name:\"insight\", value:\"The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.\");\n script_tag(name:\"solution\", value:\"Run yum update libserf to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-397.html\");\n script_cve_id(\"CVE-2014-3504\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"libserf-debuginfo\", rpm:\"libserf-debuginfo~1.3.7~1.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libserf-devel\", rpm:\"libserf-devel~1.3.7~1.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libserf\", rpm:\"libserf~1.3.7~1.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:31", "description": "This host is installed with Apache Subversion\n and is prone to certificate validation information disclosure vulnerability.", "cvss3": {}, "published": "2016-02-08T00:00:00", "type": "openvas", "title": "Apache Subversion Certificate Validation Information Disclosure Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522"], "modified": "2018-10-24T00:00:00", "id": "OPENVAS:1361412562310806858", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806858", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_subversion_mitm_vuln_feb16.nasl 12051 2018-10-24 09:14:54Z asteins $\n#\n# Apache Subversion Certificate Validation Information Disclosure Vulnerability\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:subversion\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806858\");\n script_version(\"$Revision: 12051 $\");\n script_cve_id(\"CVE-2014-3522\");\n script_bugtraq_id(69237);\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-24 11:14:54 +0200 (Wed, 24 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-08 18:19:08 +0530 (Mon, 08 Feb 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Apache Subversion Certificate Validation Information Disclosure Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Subversion\n and is prone to certificate validation information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an improper validation\n of certificates with wildcards in them for HTTPS.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a man in the\n middle attacker to spoof servers via a crafted certificate.\");\n\n script_tag(name:\"affected\", value:\"Apache Subversion 1.4.0 through 1.7.x before\n 1.7.18 and 1.8.x before 1.8.10\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 1.7.18, or 1.8.10 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://subversion.apache.org/security/CVE-2014-3522-advisory.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_subversion_remote_detect.nasl\");\n script_mandatory_keys(\"Subversion/installed\");\n script_require_ports(\"Services/www\", 3690);\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!http_port = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!subver = get_app_version(cpe:CPE, port:http_port)){\n exit(0);\n}\n\nif(subver =~ \"^(1\\.8)\")\n{\n if(version_is_less(version:subver, test_version:\"1.8.10\"))\n {\n report = report_fixed_ver( installed_version:subver, fixed_version:\"1.8.10\" );\n security_message(data:report, port:http_port);\n exit(0);\n }\n}\n\nelse if(version_in_range(version:subver, test_version:\"1.4\", test_version2:\"1.7.17\"))\n{\n report = report_fixed_ver( installed_version:subver, fixed_version:\"1.7.18\" );\n security_message(data:report, port:http_port);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-03-17T23:00:25", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120082", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120082", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120082\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:01 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-413)\");\n script_tag(name:\"insight\", value:\"The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.\");\n script_tag(name:\"solution\", value:\"Run yum update subversion to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-413.html\");\n script_cve_id(\"CVE-2014-3522\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-javahl\", rpm:\"subversion-javahl~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-python\", rpm:\"subversion-python~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.8.10~1.44.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-29T00:00:00", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2014-9636", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868142", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868142", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subversion FEDORA-2014-9636\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868142\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-29 05:51:45 +0200 (Fri, 29 Aug 2014)\");\n script_cve_id(\"CVE-2014-3522\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for subversion FEDORA-2014-9636\");\n script_tag(name:\"affected\", value:\"subversion on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9636\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137116.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.8.10~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-04-21T15:16:29", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-20T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2020-1513)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562311220201513", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201513", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1513\");\n script_version(\"2020-04-20T08:05:12+0000\");\n script_cve_id(\"CVE-2019-0203\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 08:05:12 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-20 08:05:12 +0000 (Mon, 20 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2020-1513)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1513\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1513\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'subversion' package(s) announced via the EulerOS-SA-2020-1513 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.(CVE-2019-0203)\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_dav_svn\", rpm:\"mod_dav_svn~1.10.2~1.h2.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.10.2~1.h2.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-libs\", rpm:\"subversion-libs~1.10.2~1.h2.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:24", "description": "Several problems were discovered in Subversion, a centralised version\ncontrol system.\n\nCVE-2016-8734\n(jessie only)\n\nSubversion", "cvss3": {}, "published": "2017-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3932-1 (subversion - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734", "CVE-2017-9800"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703932", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703932", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_3932.nasl 14280 2019-03-18 14:50:45Z cfischer $\n#\n# Auto-generated from advisory DSA 3932-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703932\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2016-8734\", \"CVE-2017-9800\");\n script_name(\"Debian Security Advisory DSA 3932-1 (subversion - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-10 00:00:00 +0200 (Thu, 10 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3932.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"subversion on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 1.8.10-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.9.5-1+deb9u1.\n\nWe recommend that you upgrade your subversion packages.\");\n script_tag(name:\"summary\", value:\"Several problems were discovered in Subversion, a centralised version\ncontrol system.\n\nCVE-2016-8734\n(jessie only)\n\nSubversion's mod_dontdothat server module and Subversion clients\nusing http(s):// were vulnerable to a denial-of-service attack\ncaused by exponential XML entity expansion.\n\nCVE-2017-9800Joern Schneeweisz discovered that Subversion did not correctly\nhandle maliciously constructed svn+ssh:// URLs. This allowed an\nattacker to run an arbitrary shell command, for instance via\nsvn:externals properties or when using svnsync sync\n.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.9.5-1+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:29:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-30T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for subversion (DLA-1903-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203", "CVE-2018-11782"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891903", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891903\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-30 02:00:13 +0000 (Fri, 30 Aug 2019)\");\n script_name(\"Debian LTS: Security Advisory for subversion (DLA-1903-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00037.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1903-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the DLA-1903-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2018-11782\n\nAce Olszowka reported that the Subversion's svnserve server process\nmay exit when a well-formed read-only request produces a particular\nanswer, leading to a denial of service.\n\nCVE-2019-0203\n\nTomas Bortoli reported that the Subversion's svnserve server process\nmay exit when a client sends certain sequences of protocol commands.\nIf the server is configured with anonymous access enabled this could\nlead to a remote unauthenticated denial of service.\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.8.10-6+deb8u7.\n\nWe recommend that you upgrade your subversion packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-ruby1.8\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion-dbg\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.8.10-6+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-02T14:45:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4490-1 (subversion - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203", "CVE-2018-11782"], "modified": "2019-10-02T00:00:00", "id": "OPENVAS:1361412562310704490", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704490", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704490\");\n script_version(\"2019-10-02T07:08:50+0000\");\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-02 07:08:50 +0000 (Wed, 02 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-01 02:00:18 +0000 (Thu, 01 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4490-1 (subversion - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4490.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4490-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the DSA-4490-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2018-11782\nAce Olszowka reported that the Subversion's svnserve server process\nmay exit when a well-formed read-only request produces a particular\nanswer, leading to a denial of service.\n\nCVE-2019-0203\nTomas Bortoli reported that the Subversion's svnserve server process\nmay exit when a client sends certain sequences of protocol commands.\nIf the server is configured with anonymous access enabled this could\nlead to a remote unauthenticated denial of service.\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 1.9.5-1+deb9u4.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.10.4-1+deb10u1.\n\nWe recommend that you upgrade your subversion packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.10.4-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libapache2-mod-svn\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-dev\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-doc\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-java\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn-perl\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-subversion\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby-svn\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"subversion-tools\", ver:\"1.9.5-1+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-02T14:38:31", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-08-06T00:00:00", "type": "openvas", "title": "Fedora Update for subversion FEDORA-2019-f6bc68e455", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203", "CVE-2018-11782"], "modified": "2019-10-02T00:00:00", "id": "OPENVAS:1361412562310876636", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876636", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876636\");\n script_version(\"2019-10-02T07:08:50+0000\");\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-02 07:08:50 +0000 (Wed, 02 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-06 02:23:41 +0000 (Tue, 06 Aug 2019)\");\n script_name(\"Fedora Update for subversion FEDORA-2019-f6bc68e455\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-f6bc68e455\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJTOZLIYIINAM3ZQORMBF275VXCUBYAS\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'subversion' package(s) announced via the FEDORA-2019-f6bc68e455 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Subversion is a concurrent version control\n system which enables one or more users to collaborate in developing and\n maintaining a hierarchy of files and directories while keeping a history of\n all changes. Subversion only stores the differences between versions, instead\n of every complete file. Subversion is intended to be a compelling replacement\n for CVS.\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.12.2~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-02T14:40:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for subversion USN-4082-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203", "CVE-2018-11782"], "modified": "2019-10-02T00:00:00", "id": "OPENVAS:1361412562310844117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844117", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844117\");\n script_version(\"2019-10-02T07:08:50+0000\");\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-02 07:08:50 +0000 (Wed, 02 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-01 02:01:17 +0000 (Thu, 01 Aug 2019)\");\n script_name(\"Ubuntu Update for subversion USN-4082-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4082-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-4082-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the USN-4082-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ace Olszowka discovered that Subversion incorrectly handled certain\nsvnserve requests. A remote attacker could possibly use this issue to\ncause svnserver to crash, resulting in a denial of service.\n(CVE-2018-11782)\n\nTomas Bortoli discovered that Subversion incorrectly handled certain\nsvnserve requests. A remote attacker could possibly use this issue to\ncause svnserver to crash, resulting in a denial of service. (CVE-2019-0203)\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.9.3-2ubuntu1.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"subversion\", ver:\"1.9.3-2ubuntu1.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:50:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for subversion (openSUSE-SU-2019:1910-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203", "CVE-2018-11782"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852658", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852658", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852658\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-16 02:01:24 +0000 (Fri, 16 Aug 2019)\");\n script_name(\"openSUSE: Security Advisory for subversion (openSUSE-SU-2019:1910-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1910-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00051.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the openSUSE-SU-2019:1910-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for subversion to version 1.10.6 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-11782: Fixed a remote denial of service in svnserve\n 'get-deleted-rev' (bsc#1142743).\n\n - CVE-2019-0203: Fixed a remote, unauthenticated denial of service in\n svnserve (bsc#1142721).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1910=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1910=1\");\n\n script_tag(name:\"affected\", value:\"'subversion' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsvn_auth_gnome_keyring-1-0\", rpm:\"libsvn_auth_gnome_keyring-1-0~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsvn_auth_gnome_keyring-1-0-debuginfo\", rpm:\"libsvn_auth_gnome_keyring-1-0-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsvn_auth_kwallet-1-0\", rpm:\"libsvn_auth_kwallet-1-0~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsvn_auth_kwallet-1-0-debuginfo\", rpm:\"libsvn_auth_kwallet-1-0-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion\", rpm:\"subversion~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-debuginfo\", rpm:\"subversion-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-debugsource\", rpm:\"subversion-debugsource~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-devel\", rpm:\"subversion-devel~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-perl\", rpm:\"subversion-perl~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-perl-debuginfo\", rpm:\"subversion-perl-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-python\", rpm:\"subversion-python~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-python-ctypes\", rpm:\"subversion-python-ctypes~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-python-debuginfo\", rpm:\"subversion-python-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-ruby\", rpm:\"subversion-ruby~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-ruby-debuginfo\", rpm:\"subversion-ruby-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-server\", rpm:\"subversion-server~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-server-debuginfo\", rpm:\"subversion-server-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-tools\", rpm:\"subversion-tools~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-tools-debuginfo\", rpm:\"subversion-tools-debuginfo~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"subversion-bash-completion\", rpm:\"subversion-bash-completion~1.10.6~lp150.7.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for subversion USN-2316-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0032", "CVE-2014-3522", "CVE-2014-3528"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841931", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841931", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2316_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for subversion USN-2316-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841931\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-15 05:56:40 +0200 (Fri, 15 Aug 2014)\");\n script_cve_id(\"CVE-2014-0032\", \"CVE-2014-3522\", \"CVE-2014-3528\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Ubuntu Update for subversion USN-2316-1\");\n\n script_tag(name:\"affected\", value:\"subversion on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Lieven Govaerts discovered that the Subversion mod_dav_svn\nmodule incorrectly handled certain request methods when SVNListParentPath was\nenabled. A remote attacker could use this issue to cause the server to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n12.04 LTS. (CVE-2014-0032)\n\nBen Reser discovered that Subversion did not correctly validate SSL\ncertificates containing wildcards. A remote attacker could exploit this to\nperform a man in the middle attack to view sensitive information or alter\nencrypted communications. (CVE-2014-3522)\n\nBert Huijben discovered that Subversion did not properly handle cached\ncredentials. A malicious server could possibly use this issue to obtain\ncredentials cached for a different server. (CVE-2014-3528)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2316-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2316-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'subversion'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsvn1:i386\", ver:\"1.8.8-1ubuntu3.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.8.8-1ubuntu3.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-svn\", ver:\"1.6.17dfsg-3ubuntu3.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsvn1\", ver:\"1.6.17dfsg-3ubuntu3.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"subversion\", ver:\"1.6.17dfsg-3ubuntu3.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-05-24T14:32:55", "description": "According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.(CVE-2015-5343)\n\n - The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.(CVE-2016-2167)\n\n - The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.(CVE-2016-2168)\n\n - Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.(CVE-2016-8734)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-09T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : subversion (EulerOS-SA-2019-2550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-8734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:mod_dav_svn", "p-cpe:/a:huawei:euleros:subversion", "p-cpe:/a:huawei:euleros:subversion-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2550.NASL", "href": "https://www.tenable.com/plugins/nessus/131824", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131824);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-5343\",\n \"CVE-2016-2167\",\n \"CVE-2016-2168\",\n \"CVE-2016-8734\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : subversion (EulerOS-SA-2019-2550)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the subversion packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Integer overflow in util.c in mod_dav_svn in Apache\n Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before\n 1.9.3 allows remote authenticated users to cause a\n denial of service (subversion server crash or memory\n consumption) and possibly execute arbitrary code via a\n skel-encoded request body, which triggers an\n out-of-bounds read and heap-based buffer\n overflow.(CVE-2015-5343)\n\n - The canonicalize_username function in\n svnserve/cyrus_auth.c in Apache Subversion before\n 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL\n authentication is used, allows remote attackers to\n authenticate and bypass intended access restrictions\n via a realm string that is a prefix of an expected\n repository realm string.(CVE-2016-2167)\n\n - The req_check_access function in the mod_authz_svn\n module in the httpd server in Apache Subversion before\n 1.8.16 and 1.9.x before 1.9.4 allows remote\n authenticated users to cause a denial of service (NULL\n pointer dereference and crash) via a crafted header in\n a (1) MOVE or (2) COPY request, involving an\n authorization check.(CVE-2016-2168)\n\n - Apache Subversion's mod_dontdothat module and HTTP\n clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4\n are vulnerable to a denial-of-service attack caused by\n exponential XML entity expansion. The attack can cause\n the targeted process to consume an excessive amount of\n CPU resources or memory.(CVE-2016-8734)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2550\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e1f4586c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected subversion packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"mod_dav_svn-1.7.14-14.h1.eulerosv2r7\",\n \"subversion-1.7.14-14.h1.eulerosv2r7\",\n \"subversion-libs-1.7.14-14.h1.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:20", "description": "According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.(CVE-2016-8734)\n\n - Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.(CVE-2015-5343)\n\n - The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.(CVE-2016-2167)\n\n - The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.(CVE-2016-2168)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : subversion (EulerOS-SA-2019-2504)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-8734"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:subversion", "p-cpe:/a:huawei:euleros:subversion-libs", "p-cpe:/a:huawei:euleros:mod_dav_svn"], "id": "EULEROS_SA-2019-2504.NASL", "href": "https://www.tenable.com/plugins/nessus/131657", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131657);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-5343\",\n \"CVE-2016-2167\",\n \"CVE-2016-2168\",\n \"CVE-2016-8734\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : subversion (EulerOS-SA-2019-2504)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the subversion packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Apache Subversion's mod_dontdothat module and HTTP\n clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4\n are vulnerable to a denial-of-service attack caused by\n exponential XML entity expansion. The attack can cause\n the targeted process to consume an excessive amount of\n CPU resources or memory.(CVE-2016-8734)\n\n - Integer overflow in util.c in mod_dav_svn in Apache\n Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before\n 1.9.3 allows remote authenticated users to cause a\n denial of service (subversion server crash or memory\n consumption) and possibly execute arbitrary code via a\n skel-encoded request body, which triggers an\n out-of-bounds read and heap-based buffer\n overflow.(CVE-2015-5343)\n\n - The canonicalize_username function in\n svnserve/cyrus_auth.c in Apache Subversion before\n 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL\n authentication is used, allows remote attackers to\n authenticate and bypass intended access restrictions\n via a realm string that is a prefix of an expected\n repository realm string.(CVE-2016-2167)\n\n - The req_check_access function in the mod_authz_svn\n module in the httpd server in Apache Subversion before\n 1.8.16 and 1.9.x before 1.9.4 allows remote\n authenticated users to cause a denial of service (NULL\n pointer dereference and crash) via a crafted header in\n a (1) MOVE or (2) COPY request, involving an\n authorization check.(CVE-2016-2168)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2504\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87225153\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected subversion packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"mod_dav_svn-1.7.14-11.h2\",\n \"subversion-1.7.14-11.h2\",\n \"subversion-libs-1.7.14-11.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:32:30", "description": "According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.(CVE-2016-8734)\n\n - Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.(CVE-2015-5343)\n\n - The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.(CVE-2016-2167)\n\n - The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.(CVE-2016-2168)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : subversion (EulerOS-SA-2019-2669)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-8734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:mod_dav_svn", "p-cpe:/a:huawei:euleros:subversion", "p-cpe:/a:huawei:euleros:subversion-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2669.NASL", "href": "https://www.tenable.com/plugins/nessus/132204", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132204);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-5343\",\n \"CVE-2016-2167\",\n \"CVE-2016-2168\",\n \"CVE-2016-8734\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : subversion (EulerOS-SA-2019-2669)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the subversion packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Apache Subversion's mod_dontdothat module and HTTP\n clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4\n are vulnerable to a denial-of-service attack caused by\n exponential XML entity expansion. The attack can cause\n the targeted process to consume an excessive amount of\n CPU resources or memory.(CVE-2016-8734)\n\n - Integer overflow in util.c in mod_dav_svn in Apache\n Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before\n 1.9.3 allows remote authenticated users to cause a\n denial of service (subversion server crash or memory\n consumption) and possibly execute arbitrary code via a\n skel-encoded request body, which triggers an\n out-of-bounds read and heap-based buffer\n overflow.(CVE-2015-5343)\n\n - The canonicalize_username function in\n svnserve/cyrus_auth.c in Apache Subversion before\n 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL\n authentication is used, allows remote attackers to\n authenticate and bypass intended access restrictions\n via a realm string that is a prefix of an expected\n repository realm string.(CVE-2016-2167)\n\n - The req_check_access function in the mod_authz_svn\n module in the httpd server in Apache Subversion before\n 1.8.16 and 1.9.x before 1.9.4 allows remote\n authenticated users to cause a denial of service (NULL\n pointer dereference and crash) via a crafted header in\n a (1) MOVE or (2) COPY request, involving an\n authorization check.(CVE-2016-2168)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2669\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?95fb7548\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected subversion packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"mod_dav_svn-1.7.14-11.h2\",\n \"subversion-1.7.14-11.h2\",\n \"subversion-libs-1.7.14-11.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:18", "description": "- Update to 1.9.4 (#1331222) CVE-2016-2167 CVE-2016-2168 - Move tools in docs to tools subpackage (rhbz 1171757 1199761) - Disable make check to work around FTBFS\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "nessus", "title": "Fedora 24 : subversion-1.9.4-1.fc24 (2016-20cc04ac50)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-20CC04AC50.NASL", "href": "https://www.tenable.com/plugins/nessus/91059", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-20cc04ac50.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91059);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"FEDORA\", value:\"2016-20cc04ac50\");\n\n script_name(english:\"Fedora 24 : subversion-1.9.4-1.fc24 (2016-20cc04ac50)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 1.9.4 (#1331222) CVE-2016-2167 CVE-2016-2168 -\n Move tools in docs to tools subpackage (rhbz 1171757\n 1199761) - Disable make check to work around FTBFS\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1171757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1199761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331687\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d62a72a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"subversion-1.9.4-1.fc24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:01", "description": "An update of the subversion package has been released.", "cvss3": {}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Subversion PHSA-2016-0013", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:subversion", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2016-0013_SUBVERSION.NASL", "href": "https://www.tenable.com/plugins/nessus/121656", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2016-0013. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121656);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2019/02/07\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n\n script_name(english:\"Photon OS 1.0: Subversion PHSA-2016-0013\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the subversion package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-13.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2167\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-1.9.4-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-1.9.4-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-debuginfo-1.9.4-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-debuginfo-1.9.4-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-devel-1.9.4-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-devel-1.9.4-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:29", "description": "The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. (CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. (CVE-2016-2168)", "cvss3": {}, "published": "2016-06-06T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : mod_dav_svn (ALAS-2016-710)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod_dav_svn", "p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-710.NASL", "href": "https://www.tenable.com/plugins/nessus/91469", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-710.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91469);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"ALAS\", value:\"2016-710\");\n\n script_name(english:\"Amazon Linux AMI : mod_dav_svn (ALAS-2016-710)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The canonicalize_username function in svnserve/cyrus_auth.c in Apache\nSubversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL\nauthentication is used, allows remote attackers to authenticate and\nbypass intended access restrictions via a realm string that is a\nprefix of an expected repository realm string. (CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd\nserver in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4\nallows remote authenticated users to cause a denial of service (NULL\npointer dereference and crash) via a crafted header in a (1) MOVE or\n(2) COPY request, involving an authorization check. (CVE-2016-2168)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-710.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mod_dav_svn' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-1.9.4-2.52.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-debuginfo-1.9.4-2.52.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / mod_dav_svn-debuginfo\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:55", "description": "This update for subversion fixes the following issues :\n\n - CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY authorization check (bsc#976849)\n\n - CVE-2016-2168: svnserve/sasl may authenticate users using the wrong realm (bsc#976850)\n\nThe following non-security bugs were fixed :\n\n - mod_authz_svn: fix authz with mod_auth_kerb/mod_auth_ntlm (boo#977424)", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : subversion (openSUSE-2016-571)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-ctypes", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-571.NASL", "href": "https://www.tenable.com/plugins/nessus/90983", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-571.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90983);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2016-571)\");\n script_summary(english:\"Check for the openSUSE-2016-571 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for subversion fixes the following issues :\n\n - CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY\n authorization check (bsc#976849)\n\n - CVE-2016-2168: svnserve/sasl may authenticate users\n using the wrong realm (bsc#976850)\n\nThe following non-security bugs were fixed :\n\n - mod_authz_svn: fix authz with\n mod_auth_kerb/mod_auth_ntlm (boo#977424)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977424\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-ctypes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_kwallet-1-0-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-bash-completion-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-debugsource-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-devel-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-perl-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-perl-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-ctypes-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-ruby-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-ruby-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-server-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-server-debuginfo-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-tools-1.8.16-2.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-tools-debuginfo-1.8.16-2.26.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:57", "description": "New subversion packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.", "cvss3": {}, "published": "2016-05-02T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : subversion (SSA:2016-121-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:subversion", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2016-121-01.NASL", "href": "https://www.tenable.com/plugins/nessus/90802", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-121-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90802);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"SSA\", value:\"2016-121-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : subversion (SSA:2016-121-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New subversion packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.417496\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5b8f234\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"i486\", pkgnum:\"2_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"i486\", pkgnum:\"2_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"subversion\", pkgver:\"1.9.4\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"subversion\", pkgver:\"1.9.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:18", "description": "This update for subversion fixes the following issues :\n\n - CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY authorization check (bsc#976849)\n\n - CVE-2016-2168: svnserve/sasl may authenticate users using the wrong realm (bsc#976850)\n\nThe following non-security bugs were fixed :\n\n - bsc#969159: subversion dependencies did not enforce matching password store\n\n - bsc#911620: svnserve could not be started via YaST Service manager\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : subversion (openSUSE-2016-570)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-570.NASL", "href": "https://www.tenable.com/plugins/nessus/90982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-570.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90982);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2016-570)\");\n script_summary(english:\"Check for the openSUSE-2016-570 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for subversion fixes the following issues :\n\n - CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY\n authorization check (bsc#976849)\n\n - CVE-2016-2168: svnserve/sasl may authenticate users\n using the wrong realm (bsc#976850)\n\nThe following non-security bugs were fixed :\n\n - bsc#969159: subversion dependencies did not enforce\n matching password store\n\n - bsc#911620: svnserve could not be started via YaST\n Service manager\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=911620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976850\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_kwallet-1-0-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-bash-completion-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-debugsource-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-devel-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-perl-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-perl-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-python-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-python-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-ruby-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-ruby-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-server-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-server-debuginfo-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-tools-1.8.10-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-tools-debuginfo-1.8.10-9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:03", "description": "CVE-2016-2167\n\nsvnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption.\nDue to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.\n\nCVE-2016-2168\n\nSubversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value.\n\nThis allows remote attackers to cause a denial of service.\n\n-- James GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy <jamessan@debian.org>\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-02T00:00:00", "type": "nessus", "title": "Debian DLA-448-1 : subversion security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-svn", "p-cpe:/a:debian:debian_linux:libsvn-dev", "p-cpe:/a:debian:debian_linux:libsvn-doc", "p-cpe:/a:debian:debian_linux:libsvn-java", "p-cpe:/a:debian:debian_linux:libsvn-perl", "p-cpe:/a:debian:debian_linux:libsvn-ruby", "p-cpe:/a:debian:debian_linux:libsvn-ruby1.8", "p-cpe:/a:debian:debian_linux:libsvn1", "p-cpe:/a:debian:debian_linux:python-subversion", "p-cpe:/a:debian:debian_linux:subversion", "p-cpe:/a:debian:debian_linux:subversion-tools", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-448.NASL", "href": "https://www.tenable.com/plugins/nessus/90805", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-448-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90805);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n\n script_name(english:\"Debian DLA-448-1 : subversion security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2016-2167\n\nsvnserve, the svn:// protocol server, can optionally use the Cyrus\nSASL library for authentication, integrity protection, and encryption.\nDue to a programming oversight, authentication against Cyrus SASL\nwould permit the remote user to specify a realm string which is a\nprefix of the expected realm string.\n\nCVE-2016-2168\n\nSubversion's httpd servers are vulnerable to a remotely triggerable\ncrash in the mod_authz_svn module. The crash can occur during an\nauthorization check for a COPY or MOVE request with a specially\ncrafted header value.\n\nThis allows remote attackers to cause a denial of service.\n\n-- James GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy\n<jamessan@debian.org>\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/subversion\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-svn\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-dev\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-doc\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-java\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-perl\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-ruby\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libsvn1\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-subversion\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"subversion\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"subversion-tools\", reference:\"1.6.17dfsg-4+deb7u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:52", "description": "The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. (CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. (CVE-2016-2168)", "cvss3": {}, "published": "2016-06-06T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : subversion (ALAS-2016-709)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod24_dav_svn", "p-cpe:/a:amazon:linux:subversion", "p-cpe:/a:amazon:linux:subversion-debuginfo", "p-cpe:/a:amazon:linux:subversion-devel", "p-cpe:/a:amazon:linux:subversion-javahl", "p-cpe:/a:amazon:linux:subversion-libs", "p-cpe:/a:amazon:linux:subversion-perl", "p-cpe:/a:amazon:linux:subversion-python26", "p-cpe:/a:amazon:linux:subversion-python27", "p-cpe:/a:amazon:linux:subversion-ruby", "p-cpe:/a:amazon:linux:subversion-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-709.NASL", "href": "https://www.tenable.com/plugins/nessus/91468", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-709.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91468);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"ALAS\", value:\"2016-709\");\n\n script_name(english:\"Amazon Linux AMI : subversion (ALAS-2016-709)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The canonicalize_username function in svnserve/cyrus_auth.c in Apache\nSubversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL\nauthentication is used, allows remote attackers to authenticate and\nbypass intended access restrictions via a realm string that is a\nprefix of an expected repository realm string. (CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd\nserver in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4\nallows remote authenticated users to cause a denial of service (NULL\npointer dereference and crash) via a crafted header in a (1) MOVE or\n(2) COPY request, involving an authorization check. (CVE-2016-2168)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-709.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update subversion' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod24_dav_svn-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-debuginfo-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-devel-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-javahl-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-libs-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-perl-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python26-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python27-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-ruby-1.9.4-2.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-tools-1.9.4-2.54.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod24_dav_svn / subversion / subversion-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:09", "description": "The version of Apache Subversion installed on the remote host is version 1.8.x prior to 1.8.16 or 1.9.x prior to 1.9.4. It is, therefore, affected by the following vulnerabilities : \n\n - A flaw exists within 'svnserve/sasl' that is triggered when handling a realm string which is a prefix of the expected realm string, which can cause an authenticated remote attacker to incorrectly authenticate into the wrong realm. This may allow the attacker to gain access to areas they would otherwise be restricted from. (CVE-2016-2167)\n - A flaw exists within 'mod_authz_svn' that is triggered as authorization checks are not properly performed on 'COPY' and 'MOVE' actions. This may allow a remote attacker to use a specially crafted header to crash the server. (CVE-2016-2168)\n - A 'NULL pointer' dereference flaw exists within the 'mod_authz_svn' module that is triggered when handling invalid headers for COPY and MOVE requests. This may allow a remote attacker to cause a Subversion server to crash. (CVE-2016-2168)", "cvss3": {}, "published": "2016-02-05T00:00:00", "type": "nessus", "title": "Apache Subversion 1.8.x < 1.8.16 / 1.9.x < 1.9.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apache:subversion"], "id": "9395.PRM", "href": "https://www.tenable.com/plugins/nnm/9395", "sourceData": "Binary data 9395.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:35", "description": "Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2016-2167 Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially allowing a user to authenticate using the wrong realm.\n\n - CVE-2016-2168 Ivan Zhakov of VisualSVN discovered a remotely triggerable denial of service vulnerability in the mod_authz_svn module during COPY or MOVE authorization check. An authenticated remote attacker could take advantage of this flaw to cause a denial of service (Subversion server crash) via COPY or MOVE requests with specially crafted header.", "cvss3": {}, "published": "2016-05-02T00:00:00", "type": "nessus", "title": "Debian DSA-3561-1 : subversion - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:subversion", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3561.NASL", "href": "https://www.tenable.com/plugins/nessus/90808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3561. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90808);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"DSA\", value:\"3561\");\n\n script_name(english:\"Debian DSA-3561-1 : subversion - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Subversion, a version\ncontrol system. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2016-2167\n Daniel Shahaf and James McCoy discovered that an\n implementation error in the authentication against the\n Cyrus SASL library would permit a remote user to specify\n a realm string which is a prefix of the expected realm\n string and potentially allowing a user to authenticate\n using the wrong realm.\n\n - CVE-2016-2168\n Ivan Zhakov of VisualSVN discovered a remotely\n triggerable denial of service vulnerability in the\n mod_authz_svn module during COPY or MOVE authorization\n check. An authenticated remote attacker could take\n advantage of this flaw to cause a denial of service\n (Subversion server crash) via COPY or MOVE requests with\n specially crafted header.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2167\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3561\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the subversion packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 1.8.10-6+deb8u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-svn\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-svn\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-dev\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-doc\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-java\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-perl\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn1\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-subversion\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-svn\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-dbg\", reference:\"1.8.10-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-tools\", reference:\"1.8.10-6+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:33", "description": "- Update to 1.9.4 (#1331222) CVE-2016-2167 CVE-2016-2168\n\n - Move tools in docs to tools subpackage (rhbz 1171757 1199761)\n\n - Disable make check to work around FTBFS\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-07-14T00:00:00", "type": "nessus", "title": "Fedora 23 : subversion (2016-e024b3e02b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-E024B3E02B.NASL", "href": "https://www.tenable.com/plugins/nessus/92183", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-e024b3e02b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92183);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"FEDORA\", value:\"2016-e024b3e02b\");\n\n script_name(english:\"Fedora 23 : subversion (2016-e024b3e02b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 1.9.4 (#1331222) CVE-2016-2167 CVE-2016-2168\n\n - Move tools in docs to tools subpackage (rhbz 1171757\n 1199761)\n\n - Disable make check to work around FTBFS\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e024b3e02b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"subversion-1.9.4-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:22", "description": "Subversion project reports :\n\nsvnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption.\nDue to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.\n\nSubversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value.\n\nThis allows remote attackers to cause a denial of service.", "cvss3": {}, "published": "2016-04-29T00:00:00", "type": "nessus", "title": "FreeBSD : subversion -- multiple vulnerabilities (c8174b63-0d3a-11e6-b06e-d43d7eed0ce2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:subversion", "p-cpe:/a:freebsd:freebsd:subversion18", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C8174B630D3A11E6B06ED43D7EED0CE2.NASL", "href": "https://www.tenable.com/plugins/nessus/90780", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90780);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-2168\");\n\n script_name(english:\"FreeBSD : subversion -- multiple vulnerabilities (c8174b63-0d3a-11e6-b06e-d43d7eed0ce2)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion project reports :\n\nsvnserve, the svn:// protocol server, can optionally use the Cyrus\nSASL library for authentication, integrity protection, and encryption.\nDue to a programming oversight, authentication against Cyrus SASL\nwould permit the remote user to specify a realm string which is a\nprefix of the expected realm string.\n\nSubversion's httpd servers are vulnerable to a remotely triggerable\ncrash in the mod_authz_svn module. The crash can occur during an\nauthorization check for a COPY or MOVE request with a specially\ncrafted header value.\n\nThis allows remote attackers to cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2016-2167-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2016-2168-advisory.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/c8174b63-0d3a-11e6-b06e-d43d7eed0ce2.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6288c90\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion18\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.9.0<1.9.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.0.0<1.8.15\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion18>=1.0.0<1.8.15\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:17", "description": "This subversion and libserf update fixes several security and non security issues :\n\n - subversion: guard against md5 hash collisions when finding cached credentials [bnc#889849] [CVE-2014-3528]\n\n - subversion: ra_serf: properly match wildcards in SSL certs. [bnc#890511] [CVE-2014-3522]\n\n - libserf: Handle NUL bytes in fields of an X.509 certificate. [bnc#890510] [CVE-2014-3504]", "cvss3": {}, "published": "2014-08-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libserf / subversion (openSUSE-SU-2014:1059-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504", "CVE-2014-3522", "CVE-2014-3528"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libserf-1-0", "p-cpe:/a:novell:opensuse:libserf-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libserf-1-1", "p-cpe:/a:novell:opensuse:libserf-1-1-debuginfo", "p-cpe:/a:novell:opensuse:libserf-debugsource", "p-cpe:/a:novell:opensuse:libserf-devel", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-511.NASL", "href": "https://www.tenable.com/plugins/nessus/77364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-511.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77364);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3504\", \"CVE-2014-3522\", \"CVE-2014-3528\");\n\n script_name(english:\"openSUSE Security Update : libserf / subversion (openSUSE-SU-2014:1059-1)\");\n script_summary(english:\"Check for the openSUSE-2014-511 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This subversion and libserf update fixes several security and non\nsecurity issues :\n\n - subversion: guard against md5 hash collisions when\n finding cached credentials [bnc#889849] [CVE-2014-3528]\n\n - subversion: ra_serf: properly match wildcards in SSL\n certs. [bnc#890511] [CVE-2014-3522]\n\n - libserf: Handle NUL bytes in fields of an X.509\n certificate. [bnc#890510] [CVE-2014-3504]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=889849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=890510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=890511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libserf / subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-1-0-1.1.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-1-0-debuginfo-1.1.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-debugsource-1.1.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-devel-1.1.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsvn_auth_gnome_keyring-1-0-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsvn_auth_kwallet-1-0-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-bash-completion-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-debugsource-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-devel-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-perl-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-perl-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-python-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-python-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-server-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-server-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-tools-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"subversion-tools-debuginfo-1.7.18-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-1-1-1.3.7-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-1-1-debuginfo-1.3.7-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-debugsource-1.3.7-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-devel-1.3.7-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_kwallet-1-0-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-bash-completion-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-debugsource-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-devel-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-perl-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-perl-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-python-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-python-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-ruby-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-ruby-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-server-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-server-debuginfo-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-tools-1.8.10-2.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-tools-debuginfo-1.8.10-2.29.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libserf-1-0 / libserf-1-0-debuginfo / libserf-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:28", "description": "Joern Schneeweisz discovered that Subversion did not properly handle host names in 'svn+ssh://' URLs. A remote attacker could use this to construct a subversion repository that when accessed could run arbitrary code with the privileges of the user. (CVE-2017-9800)\n\nDaniel Shahaf and James McCoy discovered that Subversion did not properly verify realms when using Cyrus SASL authentication. A remote attacker could use this to possibly bypass intended access restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2167)\n\nFlorian Weimer discovered that Subversion clients did not properly restrict XML entity expansion when accessing http(s):// URLs. A remote attacker could use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-8734).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-11T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : subversion vulnerabilities (USN-3388-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2167", "CVE-2016-8734", "CVE-2017-9800"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-svn", "p-cpe:/a:canonical:ubuntu_linux:libapache2-svn", "p-cpe:/a:canonical:ubuntu_linux:libsvn1", "p-cpe:/a:canonical:ubuntu_linux:subversion", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:17.04"], "id": "UBUNTU_USN-3388-1.NASL", "href": "https://www.tenable.com/plugins/nessus/102424", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3388-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102424);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-2167\", \"CVE-2016-8734\", \"CVE-2017-9800\");\n script_xref(name:\"USN\", value:\"3388-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : subversion vulnerabilities (USN-3388-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Joern Schneeweisz discovered that Subversion did not properly handle\nhost names in 'svn+ssh://' URLs. A remote attacker could use this to\nconstruct a subversion repository that when accessed could run\narbitrary code with the privileges of the user. (CVE-2017-9800)\n\nDaniel Shahaf and James McCoy discovered that Subversion did not\nproperly verify realms when using Cyrus SASL authentication. A remote\nattacker could use this to possibly bypass intended access\nrestrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu\n16.04 LTS. (CVE-2016-2167)\n\nFlorian Weimer discovered that Subversion clients did not properly\nrestrict XML entity expansion when accessing http(s):// URLs. A remote\nattacker could use this to cause a denial of service. This issue only\naffected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-8734).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3388-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsvn1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-svn\", pkgver:\"1.8.8-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-svn\", pkgver:\"1.8.8-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsvn1\", pkgver:\"1.8.8-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"subversion\", pkgver:\"1.8.8-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libapache2-mod-svn\", pkgver:\"1.9.3-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libapache2-svn\", pkgver:\"1.9.3-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libsvn1\", pkgver:\"1.9.3-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"subversion\", pkgver:\"1.9.3-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"libsvn1\", pkgver:\"1.9.5-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"subversion\", pkgver:\"1.9.5-1ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-svn / libapache2-svn / libsvn1 / subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:40", "description": "The remote host is affected by the vulnerability described in GLSA-201610-05 (Subversion, Serf: Multiple Vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Subversion and Serf.\n Please review the CVE identifiers referenced below for details Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process, conduct a man-in-the-middle attack, obtain sensitive information, or cause a Denial of Service Condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2016-10-12T00:00:00", "type": "nessus", "title": "GLSA-201610-05 : Subversion, Serf: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0032", "CVE-2014-3504", "CVE-2014-3522", "CVE-2014-3528", "CVE-2015-0202", "CVE-2015-0248", "CVE-2015-0251", "CVE-2015-3184", "CVE-2015-3187", "CVE-2015-5259", "CVE-2016-2167", "CVE-2016-2168"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:serf", "p-cpe:/a:gentoo:linux:subversion", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201610-05.NASL", "href": "https://www.tenable.com/plugins/nessus/93992", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201610-05.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93992);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0032\", \"CVE-2014-3504\", \"CVE-2014-3522\", \"CVE-2014-3528\", \"CVE-2015-0202\", \"CVE-2015-0248\", \"CVE-2015-0251\", \"CVE-2015-3184\", \"CVE-2015-3187\", \"CVE-2015-5259\", \"CVE-2016-2167\", \"CVE-2016-2168\");\n script_xref(name:\"GLSA\", value:\"201610-05\");\n\n script_name(english:\"GLSA-201610-05 : Subversion, Serf: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201610-05\n(Subversion, Serf: Multiple Vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Subversion and Serf.\n Please review the CVE identifiers referenced below for details\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process, conduct a man-in-the-middle attack, obtain\n sensitive information, or cause a Denial of Service Condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201610-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Subversion users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-vcs/subversion-1.9.4'\n All Serf users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/serf-1.3.7'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:serf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-vcs/subversion\", unaffected:make_list(\"ge 1.9.4\", \"rgt 1.8.16\"), vulnerable:make_list(\"lt 1.9.4\"))) flag++;\nif (qpkg_check(package:\"net-libs/serf\", unaffected:make_list(\"ge 1.3.7\"), vulnerable:make_list(\"lt 1.3.7\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Subversion / Serf\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:10", "description": "serf Development list reports :\n\nSerf provides APIs to retrieve information about a certificate. These APIs return the information as NUL terminated strings (commonly called C strings). X.509 uses counted length strings which may include a NUL byte. This means that a library user will interpret any information as ending upon seeing this NUL byte and will only see a partial value for that field.\n\nAttackers could exploit this vulnerability to create a certificate that a client will accept for a different hostname than the full certificate is actually for by embedding a NUL byte in the certificate.\n\nThis can lead to a man-in-the-middle attack. There are no known instances of this problem being exploited in the wild and in practice it should be difficult to actually exploit this vulnerability.", "cvss3": {}, "published": "2014-08-12T00:00:00", "type": "nessus", "title": "FreeBSD : serf -- SSL Certificate Null Byte Poisoning (69048656-2187-11e4-802c-20cf30e32f6d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:serf", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_69048656218711E4802C20CF30E32F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/77124", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77124);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3504\");\n\n script_name(english:\"FreeBSD : serf -- SSL Certificate Null Byte Poisoning (69048656-2187-11e4-802c-20cf30e32f6d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"serf Development list reports :\n\nSerf provides APIs to retrieve information about a certificate. These\nAPIs return the information as NUL terminated strings (commonly called\nC strings). X.509 uses counted length strings which may include a NUL\nbyte. This means that a library user will interpret any information as\nending upon seeing this NUL byte and will only see a partial value for\nthat field.\n\nAttackers could exploit this vulnerability to create a certificate\nthat a client will accept for a different hostname than the full\ncertificate is actually for by embedding a NUL byte in the\ncertificate.\n\nThis can lead to a man-in-the-middle attack. There are no known\ninstances of this problem being exploited in the wild and in practice\nit should be difficult to actually exploit this vulnerability.\"\n );\n # https://vuxml.freebsd.org/freebsd/69048656-2187-11e4-802c-20cf30e32f6d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eac2332c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:serf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"serf<1.3.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:55", "description": "Serf 1.3.7 [2014-08-11]\n\n - Handle NUL bytes in fields of an X.509 certificate.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-08-23T00:00:00", "type": "nessus", "title": "Fedora 20 : libserf-1.3.7-1.fc20 (2014-9367)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libserf", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-9367.NASL", "href": "https://www.tenable.com/plugins/nessus/77349", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9367.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77349);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3504\");\n script_bugtraq_id(69238);\n script_xref(name:\"FEDORA\", value:\"2014-9367\");\n\n script_name(english:\"Fedora 20 : libserf-1.3.7-1.fc20 (2014-9367)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Serf 1.3.7 [2014-08-11]\n\n - Handle NUL bytes in fields of an X.509 certificate.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1128962\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136944.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5256982e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libserf package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libserf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"libserf-1.3.7-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libserf\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:39", "description": "Updated serf packages fix security vulnerability :\n\nBen Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications (CVE-2014-3504).", "cvss3": {}, "published": "2014-09-12T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : serf (MDVSA-2014:166)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64serf-devel", "p-cpe:/a:mandriva:linux:lib64serf0", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2014-166.NASL", "href": "https://www.tenable.com/plugins/nessus/77645", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:166. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77645);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3504\");\n script_bugtraq_id(69238);\n script_xref(name:\"MDVSA\", value:\"2014:166\");\n\n script_name(english:\"Mandriva Linux Security Advisory : serf (MDVSA-2014:166)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated serf packages fix security vulnerability :\n\nBen Reser discovered that serf did not correctly handle SSL\ncertificates with NUL bytes in the CommonName or SubjectAltNames\nfields. A remote attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted\ncommunications (CVE-2014-3504).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0353.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected lib64serf-devel and / or lib64serf0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64serf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64serf0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64serf-devel-1.1.1-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64serf0-1.1.1-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:41", "description": "The Apache Software Foundation reports :\n\nThe mod_dontdothat module of subversion and subversion clients using http(s):// are vulnerable to a denial-of-service attack, caused by exponential XML entity expansion. The attack targets XML parsers causing targeted process to consume excessive amounts of resources.\nThe attack is also known as the 'billions of laughs attack.'", "cvss3": {}, "published": "2016-11-30T00:00:00", "type": "nessus", "title": "FreeBSD : subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s) (ac256985-b6a9-11e6-a3bf-206a8a720317)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:subversion18", "p-cpe:/a:freebsd:freebsd:subversion", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_AC256985B6A911E6A3BF206A8A720317.NASL", "href": "https://www.tenable.com/plugins/nessus/95409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95409);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-8734\");\n\n script_name(english:\"FreeBSD : subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s) (ac256985-b6a9-11e6-a3bf-206a8a720317)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Software Foundation reports :\n\nThe mod_dontdothat module of subversion and subversion clients using\nhttp(s):// are vulnerable to a denial-of-service attack, caused by\nexponential XML entity expansion. The attack targets XML parsers\ncausing targeted process to consume excessive amounts of resources.\nThe attack is also known as the 'billions of laughs attack.'\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2016-8734-advisory.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/ac256985-b6a9-11e6-a3bf-206a8a720317.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b25fdd5a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion18\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"subversion18<1.8.17\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion<1.9.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:08:39", "description": "This update includes the latest stable release of _Apache Subversion_, version **1.9.5**.\n\n#### Client-side bugfixes :\n\n - fix accessing non-existent paths during reintegrate merge \n\n - fix handling of newly secured subdirectories in working copy \n\n - info: remove trailing whitespace in --show-item=revision ([issue 4660](http://subversion.tigris.org/issues/show_bug.cgi?i d=4660))\n\n - fix recording wrong revisions for tree conflicts \n\n - gpg-agent: improve discovery of gpg-agent sockets \n\n - gpg-agent: fix file descriptor leak \n\n - resolve: fix --accept=mine-full for binary files ([issue 4647](http://subversion.tigris.org/issues/show_bug.cgi?i d=4647))\n\n - merge: fix possible crash ([issue 4652](http://subversion.tigris.org/issues/show_bug.cgi?i d=4652))\n\n - resolve: fix possible crash \n\n - fix potential crash in Win32 crash reporter #### Server-side bugfixes :\n\n - fsfs: fix 'offset too large' error during pack ([issue 4657](http://subversion.tigris.org/issues/show_bug.cgi?i d=4657))\n\n - svnserve: enable hook script environments \n\n - fsfs: fix possible data reconstruction error ([issue 4658](http://subversion.tigris.org/issues/show_bug.cgi?i d=4658))\n\n - fix source of spurious 'incoming edit' tree conflicts \n\n - fsfs: improve caching for large directories \n\n - fsfs: fix crash when encountering all-zero checksums \n\n - fsfs: fix potential source of repository corruptions \n\n - mod_dav_svn: fix excessive memory usage with mod_headers/mod_deflate ([issue 3084](http://subversion.tigris.org/issues/show_bug.cgi?i d=3084))\n\n - mod_dav_svn: reduce memory usage during GET requests \n\n - fsfs: fix unexpected 'database is locked' errors \n\n - fsfs: fix opening old repositories without db/format files #### Client-side and server-side bugfixes :\n\n - fix possible crash when reading invalid configuration files #### Bindings bugfixes :\n\n - swig-pl: do not corrupt '{DATE}' revision variable \n\n - javahl: fix temporary accepting SSL server certificates \n\n - swig-pl: fix possible stack corruption\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-01-10T00:00:00", "type": "nessus", "title": "Fedora 25 : subversion (2017-c629f16f6c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-C629F16F6C.NASL", "href": "https://www.tenable.com/plugins/nessus/96360", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-c629f16f6c.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96360);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-8734\");\n script_xref(name:\"FEDORA\", value:\"2017-c629f16f6c\");\n\n script_name(english:\"Fedora 25 : subversion (2017-c629f16f6c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest stable release of _Apache Subversion_,\nversion **1.9.5**.\n\n#### Client-side bugfixes :\n\n - fix accessing non-existent paths during reintegrate\n merge \n\n - fix handling of newly secured subdirectories in working\n copy \n\n - info: remove trailing whitespace in --show-item=revision\n ([issue\n 4660](http://subversion.tigris.org/issues/show_bug.cgi?i\n d=4660))\n\n - fix recording wrong revisions for tree conflicts \n\n - gpg-agent: improve discovery of gpg-agent sockets \n\n - gpg-agent: fix file descriptor leak \n\n - resolve: fix --accept=mine-full for binary files ([issue\n 4647](http://subversion.tigris.org/issues/show_bug.cgi?i\n d=4647))\n\n - merge: fix possible crash ([issue\n 4652](http://subversion.tigris.org/issues/show_bug.cgi?i\n d=4652))\n\n - resolve: fix possible crash \n\n - fix potential crash in Win32 crash reporter ####\n Server-side bugfixes :\n\n - fsfs: fix 'offset too large' error during pack ([issue\n 4657](http://subversion.tigris.org/issues/show_bug.cgi?i\n d=4657))\n\n - svnserve: enable hook script environments \n\n - fsfs: fix possible data reconstruction error ([issue\n 4658](http://subversion.tigris.org/issues/show_bug.cgi?i\n d=4658))\n\n - fix source of spurious 'incoming edit' tree conflicts \n\n - fsfs: improve caching for large directories \n\n - fsfs: fix crash when encountering all-zero checksums \n\n - fsfs: fix potential source of repository corruptions \n\n - mod_dav_svn: fix excessive memory usage with\n mod_headers/mod_deflate ([issue\n 3084](http://subversion.tigris.org/issues/show_bug.cgi?i\n d=3084))\n\n - mod_dav_svn: reduce memory usage during GET requests \n\n - fsfs: fix unexpected 'database is locked' errors \n\n - fsfs: fix opening old repositories without db/format\n files #### Client-side and server-side bugfixes :\n\n - fix possible crash when reading invalid configuration\n files #### Bindings bugfixes :\n\n - swig-pl: do not corrupt '{DATE}' revision variable \n\n - javahl: fix temporary accepting SSL server certificates \n\n - swig-pl: fix possible stack corruption\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-c629f16f6c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"subversion-1.9.5-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:35", "description": "An update of the subversion package has been released.", "cvss3": {}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Subversion PHSA-2017-1.0-0093", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734"], "modified": "2022-05-24T00:00:00", "cpe": ["cpe:/o:vmware:photonos:1.0", "p-cpe:/a:vmware:photonos:subversion"], "id": "PHOTONOS_PHSA-2017-1_0-0093_SUBVERSION.NASL", "href": "https://www.tenable.com/plugins/nessus/121782", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-1.0-0093. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121782);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\"CVE-2016-8734\");\n\n script_name(english:\"Photon OS 1.0: Subversion PHSA-2017-1.0-0093\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the subversion package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-93.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-8734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-1.9.4-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-debuginfo-1.9.4-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"subversion-devel-1.9.4-4.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:23", "description": "New subversion packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : subversion (SSA:2016-097-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:subversion", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2016-097-01.NASL", "href": "https://www.tenable.com/plugins/nessus/90363", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-097-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90363);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5343\");\n script_xref(name:\"SSA\", value:\"2016-097-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : subversion (SSA:2016-097-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New subversion packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.405261\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af9999d5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"subversion\", pkgver:\"1.7.22\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"subversion\", pkgver:\"1.9.3\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"subversion\", pkgver:\"1.9.3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:11", "description": "This update for subversion fixes the following issues :\n\n - Apache Subversion 1.8.15 This release fixes one security issue: Remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies.\n CVE-2015-5343 [boo#958300]\n\n - fix a segfault with old style text delta\n\n - fsfs: reduce memory allocation with Apache\n\n - mod_dav_svn: emit first log items as soon as possible\n\n - mod_dav_svn: use LimitXMLRequestBody for skel-encoded requests\n\n - swig: fix memory corruption in svn_client_copy_source_t\n\n - better configure-time detection of httpd authz fix (drop subversion-1.8.14-httpd-version-number-detection.patch, replace subversion-1.8.9-allow-httpd-2.4.6.patch with subversion-1.8.15-allow-httpd-2.4.6.patch as a result", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : subversion (openSUSE-2015-948)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-ctypes", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-948.NASL", "href": "https://www.tenable.com/plugins/nessus/87623", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-948.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87623);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-5343\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2015-948)\");\n script_summary(english:\"Check for the openSUSE-2015-948 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for subversion fixes the following issues :\n\n - Apache Subversion 1.8.15 This release fixes one security\n issue: Remotely triggerable heap overflow and\n out-of-bounds read in mod_dav_svn caused by integer\n overflow when parsing skel-encoded request bodies.\n CVE-2015-5343 [boo#958300]\n\n - fix a segfault with old style text delta\n\n - fsfs: reduce memory allocation with Apache\n\n - mod_dav_svn: emit first log items as soon as possible\n\n - mod_dav_svn: use LimitXMLRequestBody for skel-encoded\n requests\n\n - swig: fix memory corruption in svn_client_copy_source_t\n\n - better configure-time detection of httpd authz fix (drop\n subversion-1.8.14-httpd-version-number-detection.patch,\n replace subversion-1.8.9-allow-httpd-2.4.6.patch with\n subversion-1.8.15-allow-httpd-2.4.6.patch as a result\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958300\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-ctypes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_kwallet-1-0-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-bash-completion-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-debugsource-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-devel-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-perl-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-perl-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-python-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-python-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-ruby-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-ruby-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-server-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-server-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-tools-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"subversion-tools-debuginfo-1.8.15-2.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_kwallet-1-0-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-bash-completion-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-debugsource-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-devel-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-perl-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-perl-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-ctypes-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-python-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-ruby-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-ruby-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-server-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-server-debuginfo-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-tools-1.8.15-2.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"subversion-tools-debuginfo-1.8.15-2.23.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:10", "description": "The version of Apache Subversion installed on the remote host is 1.7.x, 1.8.x prior to 1.8.15, or 1.9.x prior to 1.9.3 and is affected by a buffer overflow vulnerability. Specifically, these versions contain an integer overflow condition in the 'request_body_to_string()' function in 'mod_dav_svn/util.c' that is triggered when handling skel-encoded request bodies. This may allow an authenticated, remote attacker to cause a heap-based buffer overflow, crashing the service or potentially allowing the execution of arbitrary code. (CVE-2015-5343)", "cvss3": {}, "published": "2016-02-05T00:00:00", "type": "nessus", "title": "Apache Subversion < 1.8.15 / 1.9.x < 1.9.3 Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apache:subversion"], "id": "9068.PRM", "href": "https://www.tenable.com/plugins/nnm/9068", "sourceData": "Binary data 9068.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:16", "description": "It was discovered that Subversion's mod_dontdothat module and Subversion clients using http(s):// are vulnerable to a denial-of-service attack caused by exponential XML entity expansion.\nAn authenticated remote attacker can cause denial-of-service conditions on the server using mod_dontdothat by sending a specially crafted REPORT request. The attack does not require access to a particular repository.", "cvss3": {}, "published": "2017-02-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : subversion / mod_dav_svn (ALAS-2017-794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod24_dav_svn", "p-cpe:/a:amazon:linux:mod_dav_svn", "p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo", "p-cpe:/a:amazon:linux:subversion", "p-cpe:/a:amazon:linux:subversion-debuginfo", "p-cpe:/a:amazon:linux:subversion-devel", "p-cpe:/a:amazon:linux:subversion-javahl", "p-cpe:/a:amazon:linux:subversion-libs", "p-cpe:/a:amazon:linux:subversion-perl", "p-cpe:/a:amazon:linux:subversion-python26", "p-cpe:/a:amazon:linux:subversion-python27", "p-cpe:/a:amazon:linux:subversion-ruby", "p-cpe:/a:amazon:linux:subversion-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-794.NASL", "href": "https://www.tenable.com/plugins/nessus/97024", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-794.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97024);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-8734\");\n script_xref(name:\"ALAS\", value:\"2017-794\");\n\n script_name(english:\"Amazon Linux AMI : subversion / mod_dav_svn (ALAS-2017-794)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Subversion's mod_dontdothat module and\nSubversion clients using http(s):// are vulnerable to a\ndenial-of-service attack caused by exponential XML entity expansion.\nAn authenticated remote attacker can cause denial-of-service\nconditions on the server using mod_dontdothat by sending a specially\ncrafted REPORT request. The attack does not require access to a\nparticular repository.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-794.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update subversion' to update your system.\n\nRun 'yum update mod_dav_svn' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod24_dav_svn-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-1.9.5-2.53.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-debuginfo-1.9.5-2.53.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-debuginfo-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-devel-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-javahl-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-libs-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-perl-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python26-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python27-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-ruby-1.9.5-1.56.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-tools-1.9.5-1.56.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod24_dav_svn / mod_dav_svn / mod_dav_svn-debuginfo / subversion / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:30:42", "description": "This update for subversion fixes the following issues :\n\n - Version update to 1.9.5 :\n\n - Unrestricted XML entity expansion in mod_dontdothat and Subversion clients using http(s):// (boo#1011552, CVE-2016-8734)\n\n - Client-side bugfixes :\n\n - fix accessing non-existent paths during reintegrate merge (r1766699 et al)\n\n - fix handling of newly secured subdirectories in working copy (r1724448)\n\n - info: remove trailing whitespace in --show-item=revision (issue #4660)\n\n - fix recording wrong revisions for tree conflicts (r1734106)\n\n - gpg-agent: improve discovery of gpg-agent sockets (r1766327)\n\n - gpg-agent: fix file descriptor leak (r1766323)\n\n - resolve: fix --accept=mine-full for binary files (issue #4647)\n\n - merge: fix possible crash (issue #4652)\n\n - resolve: fix possible crash (r1748514)\n\n - fix potential crash in Win32 crash reporter (r1663253 et al)\n\n - Server-side bugfixes :\n\n - fsfs: fix 'offset too large' error during pack (issue #4657)\n\n - svnserve: enable hook script environments (r1769152)\n\n - fsfs: fix possible data reconstruction error (issue #4658)\n\n - fix source of spurious 'incoming edit' tree conflicts (r1770108)\n\n - fsfs: improve caching for large directories (r1721285)\n\n - fsfs: fix crash when encountering all-zero checksums (r1759686)\n\n - fsfs: fix potential source of repository corruptions (r1756266)\n\n - mod_dav_svn: fix excessive memory usage with mod_headers/mod_deflate (issue #3084)\n\n - mod_dav_svn: reduce memory usage during GET requests (r1757529 et al)\n\n - fsfs: fix unexpected 'database is locked' errors (r1741096 et al)\n\n - fsfs: fix opening old repositories without db/format files (r1720015)\n\n - Client-side and server-side bugfixes :\n\n - fix possible crash when reading invalid configuration files (r1715777)\n\n - Bindings bugfixes :\n\n - swig-pl: do not corrupt '(DATE)' revision variable (r1767768)\n\n - javahl: fix temporary accepting SSL server certificates (r1764851)\n\n - swig-pl: fix possible stack corruption (r1683266, r1683267)", "cvss3": {}, "published": "2016-12-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : subversion (openSUSE-2016-1435)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-ctypes", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2016-1435.NASL", "href": "https://www.tenable.com/plugins/nessus/95707", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1435.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95707);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-8734\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2016-1435)\");\n script_summary(english:\"Check for the openSUSE-2016-1435 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for subversion fixes the following issues :\n\n - Version update to 1.9.5 :\n\n - Unrestricted XML entity expansion in mod_dontdothat and\n Subversion clients using http(s):// (boo#1011552,\n CVE-2016-8734)\n\n - Client-side bugfixes :\n\n - fix accessing non-existent paths during reintegrate\n merge (r1766699 et al)\n\n - fix handling of newly secured subdirectories in working\n copy (r1724448)\n\n - info: remove trailing whitespace in --show-item=revision\n (issue #4660)\n\n - fix recording wrong revisions for tree conflicts\n (r1734106)\n\n - gpg-agent: improve discovery of gpg-agent sockets\n (r1766327)\n\n - gpg-agent: fix file descriptor leak (r1766323)\n\n - resolve: fix --accept=mine-full for binary files (issue\n #4647)\n\n - merge: fix possible crash (issue #4652)\n\n - resolve: fix possible crash (r1748514)\n\n - fix potential crash in Win32 crash reporter (r1663253 et\n al)\n\n - Server-side bugfixes :\n\n - fsfs: fix 'offset too large' error during pack (issue\n #4657)\n\n - svnserve: enable hook script environments (r1769152)\n\n - fsfs: fix possible data reconstruction error (issue\n #4658)\n\n - fix source of spurious 'incoming edit' tree conflicts\n (r1770108)\n\n - fsfs: improve caching for large directories (r1721285)\n\n - fsfs: fix crash when encountering all-zero checksums\n (r1759686)\n\n - fsfs: fix potential source of repository corruptions\n (r1756266)\n\n - mod_dav_svn: fix excessive memory usage with\n mod_headers/mod_deflate (issue #3084)\n\n - mod_dav_svn: reduce memory usage during GET requests\n (r1757529 et al)\n\n - fsfs: fix unexpected 'database is locked' errors\n (r1741096 et al)\n\n - fsfs: fix opening old repositories without db/format\n files (r1720015)\n\n - Client-side and server-side bugfixes :\n\n - fix possible crash when reading invalid configuration\n files (r1715777)\n\n - Bindings bugfixes :\n\n - swig-pl: do not corrupt '(DATE)' revision variable\n (r1767768)\n\n - javahl: fix temporary accepting SSL server certificates\n (r1764851)\n\n - swig-pl: fix possible stack corruption (r1683266,\n r1683267)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1011552\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-ctypes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libsvn_auth_gnome_keyring-1-0-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libsvn_auth_kwallet-1-0-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-bash-completion-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-debugsource-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-devel-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-perl-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-perl-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-python-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-python-ctypes-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-python-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-ruby-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-ruby-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-server-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-server-debuginfo-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-tools-1.9.5-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"subversion-tools-debuginfo-1.9.5-3.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:17", "description": "Ivan Zhakov discovered an integer overflow in mod_dav_svn, which allows an attacker with write access to the server to execute arbitrary code or cause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Debian DSA-3424-1 : subversion - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5343"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:subversion", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3424.NASL", "href": "https://www.tenable.com/plugins/nessus/87431", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3424. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87431);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5343\");\n script_xref(name:\"DSA\", value:\"3424\");\n\n script_name(english:\"Debian DSA-3424-1 : subversion - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ivan Zhakov discovered an integer overflow in mod_dav_svn, which\nallows an attacker with write access to the server to execute\narbitrary code or cause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3424\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the subversion packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.8.10-6+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-svn\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-svn\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-dev\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-doc\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-java\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-perl\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn1\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-subversion\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-svn\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-dbg\", reference:\"1.8.10-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-tools\", reference:\"1.8.10-6+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:00", "description": "The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.", "cvss3": {}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : libserf (ALAS-2014-397)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libserf", "p-cpe:/a:amazon:linux:libserf-debuginfo", "p-cpe:/a:amazon:linux:libserf-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-397.NASL", "href": "https://www.tenable.com/plugins/nessus/78340", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-397.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78340);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3504\");\n script_xref(name:\"ALAS\", value:\"2014-397\");\n\n script_name(english:\"Amazon Linux AMI : libserf (ALAS-2014-397)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3)\nserf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before\n1.3.7 does not properly handle a NUL byte in a domain name in the\nsubject's Common Name (CN) field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-397.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update libserf' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libserf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libserf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libserf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"libserf-1.3.7-1.6.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libserf-debuginfo-1.3.7-1.6.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libserf-devel-1.3.7-1.6.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libserf / libserf-debuginfo / libserf-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:06", "description": "Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-08-15T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS : serf vulnerability (USN-2315-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libserf-1-1", "p-cpe:/a:canonical:ubuntu_linux:libserf1", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2315-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77218", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2315-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77218);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3504\");\n script_bugtraq_id(69238);\n script_xref(name:\"USN\", value:\"2315-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS : serf vulnerability (USN-2315-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Reser discovered that serf did not correctly handle SSL\ncertificates with NUL bytes in the CommonName or SubjectAltNames\nfields. A remote attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted\ncommunications.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2315-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libserf-1-1 and / or libserf1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libserf-1-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libserf1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libserf1\", pkgver:\"1.0.0-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libserf-1-1\", pkgver:\"1.3.3-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libserf-1-1 / libserf1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:10:44", "description": "Updated serf packages fix security vulnerability :\n\nBen Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications (CVE-2014-3504).", "cvss3": {}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : serf (MDVSA-2015:127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3504"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64serf-devel", "p-cpe:/a:mandriva:linux:lib64serf1", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-127.NASL", "href": "https://www.tenable.com/plugins/nessus/82380", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:127. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82380);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3504\");\n script_xref(name:\"MDVSA\", value:\"2015:127\");\n\n script_name(english:\"Mandriva Linux Security Advisory : serf (MDVSA-2015:127)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated serf packages fix security vulnerability :\n\nBen Reser discovered that serf did not correctly handle SSL\ncertificates with NUL bytes in the CommonName or SubjectAltNames\nfields. A remote attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted\ncommunications (CVE-2014-3504).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0353.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected lib64serf-devel and / or lib64serf1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64serf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64serf1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64serf-devel-1.3.2-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64serf1-1.3.2-3.1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:09", "description": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.", "cvss3": {}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : subversion (ALAS-2014-413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod_dav_svn", "p-cpe:/a:amazon:linux:subversion", "p-cpe:/a:amazon:linux:subversion-debuginfo", "p-cpe:/a:amazon:linux:subversion-devel", "p-cpe:/a:amazon:linux:subversion-javahl", "p-cpe:/a:amazon:linux:subversion-libs", "p-cpe:/a:amazon:linux:subversion-perl", "p-cpe:/a:amazon:linux:subversion-python", "p-cpe:/a:amazon:linux:subversion-ruby", "p-cpe:/a:amazon:linux:subversion-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-413.NASL", "href": "https://www.tenable.com/plugins/nessus/78356", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-413.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78356);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3522\");\n script_xref(name:\"ALAS\", value:\"2014-413\");\n\n script_name(english:\"Amazon Linux AMI : subversion (ALAS-2014-413)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before\n1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in\nthe Common Name (CN) or subjectAltName field of the X.509 certificate,\nwhich allows man-in-the-middle attackers to spoof servers via a\ncrafted certificate.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-413.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update subversion' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod_dav_svn-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-debuginfo-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-devel-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-javahl-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-libs-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-perl-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-ruby-1.8.10-1.44.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-tools-1.8.10-1.44.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_dav_svn / subversion / subversion-debuginfo / subversion-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:57", "description": "This update includes the latest stable release of **Apache Subversion**, version **1.8.10**.\n\n**Client-side bugfixes:**\n\n - guard against md5 hash collisions when finding cached credentials\n\n - ra_serf: properly match wildcards in SSL certs.\n\n - ra_serf: ignore the CommonName in SSL certs where there are Subject Alt Names\n\n - ra_serf: fix a URI escaping bug that prevented deleting locked paths\n\n - rm: Display the proper URL when deleting a URL in the commit log editor\n\n - log: Fix another instance of broken pipe error\n\n - copy: Properly handle props not present or excluded on cross wc copy\n\n - copy: Fix copying parents of locally deleted nodes between wcs\n\n - externals: Properly delete ancestor directories of externals when removing the external by changing svn:externals.\n\n - ra_serf: fix memory lifetime of some hash values\n\n**Server-side bugfixes:**\n\n - fsfs: omit config file when creating pre-1.5 format repos\n\n**Bindings:**\n\n - ruby: removing warning about Ruby 1.9 support being new.\n\n - python: fix notify_func callbacks\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-08-29T00:00:00", "type": "nessus", "title": "Fedora 20 : subversion-1.8.10-1.fc20 (2014-9636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-9636.NASL", "href": "https://www.tenable.com/plugins/nessus/77428", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9636.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77428);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3522\");\n script_bugtraq_id(69237);\n script_xref(name:\"FEDORA\", value:\"2014-9636\");\n\n script_name(english:\"Fedora 20 : subversion-1.8.10-1.fc20 (2014-9636)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest stable release of **Apache\nSubversion**, version **1.8.10**.\n\n**Client-side bugfixes:**\n\n - guard against md5 hash collisions when finding cached\n credentials\n\n - ra_serf: properly match wildcards in SSL certs.\n\n - ra_serf: ignore the CommonName in SSL certs where\n there are Subject Alt Names\n\n - ra_serf: fix a URI escaping bug that prevented\n deleting locked paths\n\n - rm: Display the proper URL when deleting a URL in the\n commit log editor\n\n - log: Fix another instance of broken pipe error\n\n - copy: Properly handle props not present or excluded on\n cross wc copy\n\n - copy: Fix copying parents of locally deleted nodes\n between wcs\n\n - externals: Properly delete ancestor directories of\n externals when removing the external by changing\n svn:externals.\n\n - ra_serf: fix memory lifetime of some hash values\n\n**Server-side bugfixes:**\n\n - fsfs: omit config file when creating pre-1.5 format\n repos\n\n**Bindings:**\n\n - ruby: removing warning about Ruby 1.9 support being new.\n\n - python: fix notify_func callbacks\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1125800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1128884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129100\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137116.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ede7be2c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"subversion-1.8.10-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:46", "description": "According to the version of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.(CVE-2019-0203)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : subversion (EulerOS-SA-2020-1513)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:mod_dav_svn", "p-cpe:/a:huawei:euleros:subversion", "p-cpe:/a:huawei:euleros:subversion-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1513.NASL", "href": "https://www.tenable.com/plugins/nessus/135746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135746);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-0203\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : subversion (EulerOS-SA-2020-1513)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the subversion packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Apache Subversion versions up to and including\n 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server\n process may exit when a client sends certain sequences\n of protocol commands. This can lead to disruption for\n users of the server.(CVE-2019-0203)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1513\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b92b9efa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected subversion package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"mod_dav_svn-1.10.2-1.h2.eulerosv2r8\",\n \"subversion-1.10.2-1.h2.eulerosv2r8\",\n \"subversion-libs-1.10.2-1.h2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:03", "description": "From Red Hat Security Advisory 2019:2512 :\n\nAn update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.\n\nSecurity Fix(es) :\n\n* subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS (CVE-2019-0203)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : subversion:1.10 (ELSA-2019-2512)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libserf", "p-cpe:/a:oracle:linux:mod_dav_svn", "p-cpe:/a:oracle:linux:subversion", "p-cpe:/a:oracle:linux:subversion-devel", "p-cpe:/a:oracle:linux:subversion-gnome", "p-cpe:/a:oracle:linux:subversion-javahl", "p-cpe:/a:oracle:linux:subversion-libs", "p-cpe:/a:oracle:linux:subversion-perl", "p-cpe:/a:oracle:linux:subversion-tools", "p-cpe:/a:oracle:linux:utf8proc", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-2512.NASL", "href": "https://www.tenable.com/plugins/nessus/127984", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2512 and \n# Oracle Linux Security Advisory ELSA-2019-2512 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127984);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-0203\");\n script_xref(name:\"RHSA\", value:\"2019:2512\");\n\n script_name(english:\"Oracle Linux 8 : subversion:1.10 (ELSA-2019-2512)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:2512 :\n\nAn update for the subversion:1.10 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges.\n\nSecurity Fix(es) :\n\n* subversion: NULL pointer dereference in svnserve leading to an\nunauthenticated remote DoS (CVE-2019-0203)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-August/009075.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion:1.10 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libserf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:utf8proc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"libserf-1.3.9-9.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"mod_dav_svn-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-devel-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-gnome-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-javahl-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-libs-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-perl-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"subversion-tools-1.10.2-2.module+el8.0.0+5251+b51029f7\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"utf8proc-2.1.1-5.module+el8.0.0+5251+b51029f7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libserf / mod_dav_svn / subversion / subversion-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:53", "description": "An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.\n\nSecurity Fix(es) :\n\n* subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS (CVE-2019-0203)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "RHEL 8 : subversion:1.10 (RHSA-2019:2512)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0203"], "modified": "2021-03-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libserf", "p-cpe:/a:redhat:enterprise_linux:libserf-debugsource", "p-cpe:/a:redhat:enterprise_linux:mod_dav_svn", "p-cpe:/a:redhat:enterprise_linux:subversion", "p-cpe:/a:redhat:enterprise_linux:subversion-debugsource", "p-cpe:/a:redhat:enterprise_linux:subversion-devel", "p-cpe:/a:redhat:enterprise_linux:subversion-gnome", "p-cpe:/a:redhat:enterprise_linux:subversion-javahl", "p-cpe:/a:redhat:enterprise_linux:subversion-libs", "p-cpe:/a:redhat:enterprise_linux:subversion-perl", "p-cpe:/a:redhat:enterprise_linux:subversion-tools", "p-cpe:/a:redhat:enterprise_linux:utf8proc", "p-cpe:/a:redhat:enterprise_linux:utf8proc-debugsource", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "REDHAT-RHSA-2019-2512.NASL", "href": "https://www.tenable.com/plugins/nessus/127992", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2512. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127992);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/24\");\n\n script_cve_id(\"CVE-2019-0203\");\n script_xref(name:\"RHSA\", value:\"2019:2512\");\n\n script_name(english:\"RHEL 8 : subversion:1.10 (RHSA-2019:2512)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for the subversion:1.10 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSubversion (SVN) is a concurrent version control system which enables\none or more users to collaborate in developing and maintaining a\nhierarchy of files and directories while keeping a history of all\nchanges.\n\nSecurity Fix(es) :\n\n* subversion: NULL pointer dereference in svnserve leading to an\nunauthenticated remote DoS (CVE-2019-0203)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-0203\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0203\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libserf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libserf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:utf8proc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:utf8proc-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/subversion');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module subversion:1.10');\nif ('1.10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module subversion:' + module_ver);\n\nappstreams = {\n 'subversion:1.10': [\n {'reference':'libserf-1.3.9-9.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libserf-1.3.9-9.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'libserf-1.3.9-9.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libserf-debugsource-1.3.9-9.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libserf-debugsource-1.3.9-9.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'libserf-debugsource-1.3.9-9.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'mod_dav_svn-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'mod_dav_svn-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'mod_dav_svn-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-debugsource-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-debugsource-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-debugsource-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-devel-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-devel-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-devel-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-gnome-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-gnome-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-gnome-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-javahl-1.10.2-2.module+el8.0.0+3900+919b6753', 'release':'8'},\n {'reference':'subversion-libs-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-libs-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-libs-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-perl-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-perl-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-perl-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'subversion-tools-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'subversion-tools-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'subversion-tools-1.10.2-2.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'utf8proc-2.1.1-5.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'utf8proc-2.1.1-5.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'utf8proc-2.1.1-5.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'},\n {'reference':'utf8proc-debugsource-2.1.1-5.module+el8.0.0+3900+919b6753', 'cpu':'aarch64', 'release':'8'},\n {'reference':'utf8proc-debugsource-2.1.1-5.module+el8.0.0+3900+919b6753', 'cpu':'s390x', 'release':'8'},\n {'reference':'utf8proc-debugsource-2.1.1-5.module+el8.0.0+3900+919b6753', 'cpu':'x86_64', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module subversion:1.10');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libserf / libserf-debugsource / mod_dav_svn / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:24", "description": "This update includes the latest stable release of _Apache Subversion_, version **1.9.3**. ### User-visible changes: #### Client-side bugfixes: * svn: fix possible crash in auth credentials cache * cleanup: avoid unneeded memory growth during pristine cleanup * diff:\nfix crash when repository is on server root * fix translations for commit notifications * ra_serf: fix crash in multistatus parser * svn:\nreport lock/unlock errors as failures * svn: cleanup user deleted external registrations * svn: allow simple resolving of binary file text conflicts * svnlook: properly remove tempfiles on diff errors * ra_serf: report built- and run-time versions of libserf * ra_serf: set Content- Type header in outgoing requests * svn: fix merging deletes of svn:eol-style CRLF/CR files * ra_local: disable zero-copy code path #### Server-side bugfixes: * mod_authz_svn: fix authz with mod_auth_kerb/mod_auth_ntlm ( [issue 4602](http://subversion.tigris.org/issues/show_bug.cgi?id=4602)) * mod_dav_svn: fix display of process ID in cache statistics * mod_dav_svn: use LimitXMLRequestBody for skel-encoded requests * svnadmin dump: preserve no-op changes * fsfs: avoid unneeded I/O when opening transactions #### Bindings bugfixes: * javahl: fix ABI incompatibility with 1.8 * javahl: allow non- absolute paths in SVNClient.vacuum ### Developer-visible changes: #### General :\n\n - fix patch filter invocation in svn_client_patch() * add \\@since information to config defines * fix running the tests in compatibility mode * clarify documentation of svn_fs_node_created_rev() #### API changes: * fix overflow detection in svn_stringbuf_remove and _replace\n * don't ignore some of the parameters to svn_ra_svn_create_conn3\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : subversion-1.9.3-1.fc23 (2015-afdb0e8aaa)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5259", "CVE-2015-5343"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-AFDB0E8AAA.NASL", "href": "https://www.tenable.com/plugins/nessus/89372", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-afdb0e8aaa.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89372);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5259\", \"CVE-2015-5343\");\n script_xref(name:\"FEDORA\", value:\"2015-afdb0e8aaa\");\n\n script_name(english:\"Fedora 23 : subversion-1.9.3-1.fc23 (2015-afdb0e8aaa)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest stable release of _Apache Subversion_,\nversion **1.9.3**. ### User-visible changes: #### Client-side\nbugfixes: * svn: fix possible crash in auth credentials cache *\ncleanup: avoid unneeded memory growth during pristine cleanup * diff:\nfix crash when repository is on server root * fix translations for\ncommit notifications * ra_serf: fix crash in multistatus parser * svn:\nreport lock/unlock errors as failures * svn: cleanup user deleted\nexternal registrations * svn: allow simple resolving of binary file\ntext conflicts * svnlook: properly remove tempfiles on diff errors *\nra_serf: report built- and run-time versions of libserf * ra_serf: set\nContent- Type header in outgoing requests * svn: fix merging deletes\nof svn:eol-style CRLF/CR files * ra_local: disable zero-copy code path\n#### Server-side bugfixes: * mod_authz_svn: fix authz with\nmod_auth_kerb/mod_auth_ntlm ( [issue\n4602](http://subversion.tigris.org/issues/show_bug.cgi?id=4602)) *\nmod_dav_svn: fix display of process ID in cache statistics *\nmod_dav_svn: use LimitXMLRequestBody for skel-encoded requests *\nsvnadmin dump: preserve no-op changes * fsfs: avoid unneeded I/O when\nopening transactions #### Bindings bugfixes: * javahl: fix ABI\nincompatibility with 1.8 * javahl: allow non- absolute paths in\nSVNClient.vacuum ### Developer-visible changes: #### General :\n\n - fix patch filter invocation in svn_client_patch() * add\n \\@since information to config defines * fix running the\n tests in compatibility mode * clarify documentation of\n svn_fs_node_created_rev() #### API changes: * fix\n overflow detection in svn_stringbuf_remove and _replace\n * don't ignore some of the parameters to\n svn_ra_svn_create_conn3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.tigris.org/issues/show_bug.cgi?id=4602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1289958\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1289959\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174293.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2163ff8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"subversion-1.9.3-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:29", "description": "Several problems were discovered in Subversion, a centralised version control system.\n\n - CVE-2016-8734 (jessie only)\n\n Subversion's mod_dontdothat server module and Subversion clients using http(s):// were vulnerable to a denial-of-service attack caused by exponential XML entity expansion.\n\n - CVE-2017-9800 Joern Schneeweisz discovered that Subversion did not correctly handle maliciously constructed svn+ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via svn:externals properties or when using 'svnsync sync'.", "cvss3": {}, "published": "2017-08-11T00:00:00", "type": "nessus", "title": "Debian DSA-3932-1 : subversion - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8734", "CVE-2017-9800"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:subversion", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-3932.NASL", "href": "https://www.tenable.com/plugins/nessus/102372", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3932. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102372);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-8734\", \"CVE-2017-9800\");\n script_xref(name:\"DSA\", value:\"3932\");\n\n script_name(english:\"Debian DSA-3932-1 : subversion - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several problems were discovered in Subversion, a centralised version\ncontrol system.\n\n - CVE-2016-8734\n (jessie only)\n\n Subversion's mod_dontdothat server module and Subversion clients\n using http(s):// were vulnerable to a denial-of-service attack\n caused by exponential XML entity expansion.\n\n - CVE-2017-9800\n Joern Schneeweisz discovered that Subversion did not\n correctly handle maliciously constructed svn+ssh://\n URLs. This allowed an attacker to run an arbitrary shell\n command, for instance via svn:externals properties or\n when using 'svnsync sync'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-8734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-9800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3932\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the subversion packages.\n\nFor the oldstable distribution (jessie), these problems have been\nfixed in version 1.8.10-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1.9.5-1+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-svn\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-svn\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-dev\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-doc\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-java\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-perl\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn1\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-subversion\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-svn\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-dbg\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-tools\", reference:\"1.8.10-6+deb8u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libapache2-mod-svn\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-dev\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-doc\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-java\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-perl\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn1\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-subversion\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ruby-svn\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"subversion\", reference:\"1.9.5-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"subversion-tools\", reference:\"1.9.5-1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:30", "description": "Subversion Project reports :\n\nRemotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser.\n\nRemotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies.", "cvss3": {}, "published": "2015-12-16T00:00:00", "type": "nessus", "title": "FreeBSD : subversion -- multiple vulnerabilities (daadef86-a366-11e5-8b40-20cf30e32f6d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5259", "CVE-2015-5343"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_dav_svn", "p-cpe:/a:freebsd:freebsd:subversion", "p-cpe:/a:freebsd:freebsd:subversion17", "p-cpe:/a:freebsd:freebsd:subversion18", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DAADEF86A36611E58B4020CF30E32F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/87388", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87388);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-5259\", \"CVE-2015-5343\");\n\n script_name(english:\"FreeBSD : subversion -- multiple vulnerabilities (daadef86-a366-11e5-8b40-20cf30e32f6d)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion Project reports :\n\nRemotely triggerable heap overflow and out-of-bounds read caused by\ninteger overflow in the svn:// protocol parser.\n\nRemotely triggerable heap overflow and out-of-bounds read in\nmod_dav_svn caused by integer overflow when parsing skel-encoded\nrequest bodies.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2015-5343-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2015-5259-advisory.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/daadef86-a366-11e5-8b40-20cf30e32f6d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29013c3c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion18\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"subversion17>=1.7.0<1.7.22_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion18>=1.8.0<1.8.15\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.9.0<1.9.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mod_dav_svn>=1.7.0<1.7.22_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mod_dav_svn>=1.8.0<1.8.15\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mod_dav_svn>=1.9.0<1.9.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:40:00", "description": "An update of [ subversion, libtasn1, unzip, dhcp ] packages for PhotonOS has been released.", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Dhcp / Libtasn1 / Subversion / Unzip PHSA-2016-0013 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7696", "CVE-2015-7697", "CVE-2015-8605", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-2774", "CVE-2016-4008"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:dhcp", "p-cpe:/a:vmware:photonos:libtasn1", "p-cpe:/a:vmware:photonos:subversion", "p-cpe:/a:vmware:photonos:unzip", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2016-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/111847", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2016-0013. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111847);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2015-7696\",\n \"CVE-2015-7697\",\n \"CVE-2015-8605\",\n \"CVE-2016-2167\",\n \"CVE-2016-2168\",\n \"CVE-2016-2774\",\n \"CVE-2016-4008\"\n );\n\n script_name(english:\"Photon OS 1.0: Dhcp / Libtasn1 / Subversion / Unzip PHSA-2016-0013 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of [ subversion, libtasn1, unzip, dhcp ] packages for\nPhotonOS has been released.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-13\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?364ec0c7\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2774\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libtasn1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:unzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"dhcp-client-4.3.5-1.ph1\",\n \"dhcp-debuginfo-4.3.5-1.ph1\",\n \"dhcp-devel-4.3.5-1.ph1\",\n \"dhcp-libs-4.3.5-1.ph1\",\n \"dhcp-server-4.3.5-1.ph1\",\n \"libtasn1-4.7-3.ph1\",\n \"libtasn1-debuginfo-4.7-3.ph1\",\n \"libtasn1-devel-4.7-3.ph1\",\n \"subversion-1.9.4-1.ph1\",\n \"subversion-debuginfo-1.9.4-1.ph1\",\n \"subversion-devel-1.9.4-1.ph1\",\n \"unzip-6.0-7.ph1\",\n \"unzip-debuginfo-6.0-7.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp / libtasn1 / subversion / unzip\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:04", "description": "Subversion Project reports :\n\nUsing the Serf RA layer of Subversion for HTTPS uses the apr_fnmatch API to handle matching wildcards in certificate Common Names and Subject Alternate Names. However, apr_fnmatch is not designed for this purpose. Instead it is designed to behave like common shell globbing.\nIn particular this means that '*' is not limited to a single label within a hostname (i.e. it will match '.'). But even further apr_fnmatch supports '?' and character classes (neither of which are part of the RFCs defining how certificate validation works).\n\nSubversion stores cached credentials by an MD5 hash based on the URL and the authentication realm of the server the credentials are cached for. MD5 has been shown to be subject to chosen plaintext hash collisions. This means it may be possible to generate an authentication realm which results in the same MD5 hash for a different URL.", "cvss3": {}, "published": "2014-08-12T00:00:00", "type": "nessus", "title": "FreeBSD : subversion -- several vulnerabilities (83a418cc-2182-11e4-802c-20cf30e32f6d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522", "CVE-2014-3528"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:subversion", "p-cpe:/a:freebsd:freebsd:subversion16", "p-cpe:/a:freebsd:freebsd:subversion17", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_83A418CC218211E4802C20CF30E32F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/77125", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77125);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3522\", \"CVE-2014-3528\");\n\n script_name(english:\"FreeBSD : subversion -- several vulnerabilities (83a418cc-2182-11e4-802c-20cf30e32f6d)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Subversion Project reports :\n\nUsing the Serf RA layer of Subversion for HTTPS uses the apr_fnmatch\nAPI to handle matching wildcards in certificate Common Names and\nSubject Alternate Names. However, apr_fnmatch is not designed for this\npurpose. Instead it is designed to behave like common shell globbing.\nIn particular this means that '*' is not limited to a single label\nwithin a hostname (i.e. it will match '.'). But even further\napr_fnmatch supports '?' and character classes (neither of which are\npart of the RFCs defining how certificate validation works).\n\nSubversion stores cached credentials by an MD5 hash based on the URL\nand the authentication realm of the server the credentials are cached\nfor. MD5 has been shown to be subject to chosen plaintext hash\ncollisions. This means it may be possible to generate an\nauthentication realm which results in the same MD5 hash for a\ndifferent URL.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2014-3522-advisory.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://subversion.apache.org/security/CVE-2014-3528-advisory.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/83a418cc-2182-11e4-802c-20cf30e32f6d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aa0a664a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:subversion17\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"subversion16>=1.0.0<1.7.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion17>=1.0.0<1.7.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.0.0<1.7.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"subversion>=1.8.0<1.8.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:19", "description": "The version of Subversion Server installed on the remote host is version 1.x.x prior to 1.7.18 or 1.8.x prior to 1.8.10. It is, therefore, affected by the following vulnerabilities :\n\n - A flaw exists in the Serf RA layer. This flaw causes wildcards for HTTPS connections to be improperly evaluated, which may result in the application accepting certificates that are not matched against the proper hostname. This may allow a remote man-in-the-middle attacker to intercept traffic and spoof valid sessions. (CVE-2014-3522)\n\n - An MD5 hash of the URL and authentication realm are used to store cached credentials, which may allow remote attackers to obtain these credentials via a specially crafted authentication realm. (CVE-2014-3528)", "cvss3": {}, "published": "2014-10-06T00:00:00", "type": "nessus", "title": "Apache Subversion 1.0.x - 1.7.17 / 1.8.x < 1.8.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3522", "CVE-2014-3528"], "modified": "2018-07-30T00:00:00", "cpe": ["cpe:/a:apache:subversion"], "id": "SUBVERSION_1_8_10.NASL", "href": "https://www.tenable.com/plugins/nessus/78068", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78068);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/30 15:31:32\");\n\n script_cve_id(\"CVE-2014-3522\", \"CVE-2014-3528\");\n script_bugtraq_id(68995, 69237);\n\n script_name(english:\"Apache Subversion 1.0.x - 1.7.17 / 1.8.x < 1.8.10 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Subversion Server version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Subversion Server installed on the remote host is\nversion 1.x.x prior to 1.7.18 or 1.8.x prior to 1.8.10. It is,\ntherefore, affected by the following vulnerabilities :\n\n - A flaw exists in the Serf RA layer. This flaw causes\n wildcards for HTTPS connections to be improperly\n evaluated, which may result in the application\n accepting certificates that are not matched against the\n proper hostname. This may allow a remote\n man-in-the-middle attacker to intercept traffic and\n spoof valid sessions. (CVE-2014-3522)\n\n - An MD5 hash of the URL and authentication realm are\n used to store cached credentials, which may allow\n remote attackers to obtain these credentials via a\n specially crafted authentication realm. (CVE-2014-3528)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://subversion.apache.org/security/CVE-2014-3522-advisory.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://subversion.apache.org/security/CVE-2014-3528-advisory.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Subversion Server 1.7.18 / 1.8.10 or later, or apply the\nvendor-supplied patch or workaround.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/06\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:subversion\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"subversion_installed.nasl\");\n script_require_keys(\"installed_sw/Subversion Server\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = 'Subversion Server';\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\n\npath = install['path'];\nversion = install['version'];\nprovider = install['Packaged with'];\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# Affected :\n# 1.0.0 through 1.7.17\n# 1.8.0 through 1.8.9\nif (\n (ver_compare(ver:version, fix:'1.0.0', strict:FALSE) >= 0 && ver_compare(ver:version, fix:'1.7.17', strict:FALSE) <= 0) ||\n (ver_compare(ver:version, fix:'1.8.0', strict:FALSE) >= 0 && ver_compare(ver:version, fix:'1.8.9', strict:FALSE) <= 0)\n)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report = '\\n Path : ' + path +\n '\\n Packaged with : ' + provider +\n '\\n Installed version : ' + version +\n '\\n Fixed versions : 1/7/18 / 1.8.10' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, provider + ' ' + appname, version, path);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:35:25", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0282 advisory.\n\n - jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks (CVE-2020-2304)\n\n - jenkins-2-plugins/mercurial: XML parser is not preventing XML external entity (XXE) attacks (CVE-2020-2305)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 4.4.33 packages and (RHSA-2021:0282)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-2304", "CVE-2020-2305"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins"], "id": "REDHAT-RHSA-2021-0282.NASL", "href": "https://www.tenable.com/plugins/nessus/165124", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0282. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165124);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2020-2304\", \"CVE-2020-2305\");\n script_xref(name:\"RHSA\", value:\"2021:0282\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 4.4.33 packages and (RHSA-2021:0282)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:0282 advisory.\n\n - jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks\n (CVE-2020-2304)\n\n - jenkins-2-plugins/mercurial: XML parser is not preventing XML external entity (XXE) attacks\n (CVE-2020-2305)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0282\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1895939\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1895940\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jenkins-2-plugins package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(611);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.4/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.4/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/4.4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/4.4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/4.4/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/ose/4.4/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/ose/4.4/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/ose/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'jenkins-2-plugins-4.4.1611203637-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jenkins-2-plugins');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:46", "description": "This update includes the latest stable release of _Apache Subversion_, version **1.12.2**. This update addresses two security vulnerabilities in **svnserve**, `CVE-2018-11782` and `CVE-2019-0203`. For more information, see :\n\nhttp://subversion.apache.org/security/CVE-2018-11782-advisory.txt http://subversion.apache.org/security/CVE-2019-0203-advisory.txt\n\n## User-visible changes :\n\n - Fix conflict resolver bug: local and incoming edits swapped. \n\n - Fix memory lifetime problem in a libsvn_wc error code path.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Fedora 30 : subversion (2019-f6bc68e455)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:subversion", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-F6BC68E455.NASL", "href": "https://www.tenable.com/plugins/nessus/127538", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-f6bc68e455.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127538);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_xref(name:\"FEDORA\", value:\"2019-f6bc68e455\");\n\n script_name(english:\"Fedora 30 : subversion (2019-f6bc68e455)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest stable release of _Apache Subversion_,\nversion **1.12.2**. This update addresses two security vulnerabilities\nin **svnserve**, `CVE-2018-11782` and `CVE-2019-0203`. For more\ninformation, see :\n\nhttp://subversion.apache.org/security/CVE-2018-11782-advisory.txt\nhttp://subversion.apache.org/security/CVE-2019-0203-advisory.txt\n\n## User-visible changes :\n\n - Fix conflict resolver bug: local and incoming edits\n swapped. \n\n - Fix memory lifetime problem in a libsvn_wc error code\n path.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-f6bc68e455\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"subversion-1.12.2-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:00", "description": "The installed version of Subversion Server is prior to 1.9.11, 1.10.x prior to 1.10.5, 1.11.x or 1.12.x prior to 1.12.1 and is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability exists in Subversion's svnserve server process due to that the process may exit when a well-formed read-only request produces a particular answer. A remote authenticated attacker can exploit this issue to cause a denial of service attack. (CVE-2018-11782)\n\n - A denial of service (DoS) vulnerability exists in Subversion's svnserve server process due to that the process may exit when a client sends certain sequences of protocol commands. A remote unauthenticated attacker can exploit this issue, If the server is configured with anonymous access enabled, to cause a remote denial of service attack. (CVE-2019-0203)", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Apache Subversion < 1.9.11 / 1.10.x < 1.10.5 / 1.11.x / 1.12.x < 1.12.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:apache:subversion"], "id": "SUBVERSION_1_12_1.NASL", "href": "https://www.tenable.com/plugins/nessus/127137", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127137);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_xref(name:\"IAVA\", value:\"2019-A-0279-S\");\n\n script_name(english:\"Apache Subversion < 1.9.11 / 1.10.x < 1.10.5 / 1.11.x / 1.12.x < 1.12.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks Subversion Server version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Subversion Server is prior to 1.9.11, 1.10.x prior to 1.10.5, 1.11.x or 1.12.x prior to 1.12.1 \nand is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability exists in Subversion's svnserve server process due to that the process may exit\n when a well-formed read-only request produces a particular answer. A remote authenticated attacker can exploit this issue\n to cause a denial of service attack. (CVE-2018-11782)\n\n - A denial of service (DoS) vulnerability exists in Subversion's svnserve server process due to that the process may exit\n when a client sends certain sequences of protocol commands. A remote unauthenticated attacker can exploit this issue,\n If the server is configured with anonymous access enabled, to cause a remote denial of service attack. (CVE-2019-0203)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://subversion.apache.org/security/CVE-2019-0203-advisory.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://subversion.apache.org/security/CVE-2018-11782-advisory.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Subversion Server 1.9.11, 1.10.5, 1.12.1 or later, or apply the vendor-supplied patch or workaround.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0203\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:subversion\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"subversion_installed.nasl\");\n script_require_keys(\"installed_sw/Subversion Server\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\napp_info = vcf::get_app_info(app:\"Subversion Server\");\n\nconstraints = [\n { \"fixed_version\" : \"1.9.11\" },\n { \"min_version\" : \"1.10.0\", \"fixed_version\" : \"1.10.5\" },\n { \"min_version\" : \"1.11.0\", \"fixed_version\" : \"1.12.1\" }\n];\n\nvcf::apache_subversion::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:50", "description": "An update of the subversion package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Subversion PHSA-2019-2.0-0182", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:subversion", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0182_SUBVERSION.NASL", "href": "https://www.tenable.com/plugins/nessus/130117", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0182. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130117);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n\n script_name(english:\"Photon OS 2.0: Subversion PHSA-2019-2.0-0182\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the subversion package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-182.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0203\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"subversion-1.9.7-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"subversion-debuginfo-1.9.7-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"subversion-devel-1.9.7-3.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:14", "description": "In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.(CVE-2018-11782)\n\nIn Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.(CVE-2019-0203)", "cvss3": {}, "published": "2019-11-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : subversion (ALAS-2019-1317)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod24_dav_svn", "p-cpe:/a:amazon:linux:subversion", "p-cpe:/a:amazon:linux:subversion-debuginfo", "p-cpe:/a:amazon:linux:subversion-devel", "p-cpe:/a:amazon:linux:subversion-javahl", "p-cpe:/a:amazon:linux:subversion-libs", "p-cpe:/a:amazon:linux:subversion-perl", "p-cpe:/a:amazon:linux:subversion-python26", "p-cpe:/a:amazon:linux:subversion-python27", "p-cpe:/a:amazon:linux:subversion-ruby", "p-cpe:/a:amazon:linux:subversion-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1317.NASL", "href": "https://www.tenable.com/plugins/nessus/130610", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1317.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130610);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_xref(name:\"ALAS\", value:\"2019-1317\");\n\n script_name(english:\"Amazon Linux AMI : subversion (ALAS-2019-1317)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In Apache Subversion versions up to and including 1.9.10, 1.10.4,\n1.12.0, Subversion's svnserve server process may exit when a\nwell-formed read-only request produces a particular answer. This can\nlead to disruption for users of the server.(CVE-2018-11782)\n\nIn Apache Subversion versions up to and including 1.9.10, 1.10.4,\n1.12.0, Subversion's svnserve server process may exit when a client\nsends certain sequences of protocol commands. This can lead to\ndisruption for users of the server.(CVE-2019-0203)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1317.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update subversion' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_dav_svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod24_dav_svn-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-debuginfo-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-devel-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-javahl-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-libs-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-perl-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python26-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-python27-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-ruby-1.9.7-1.60.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"subversion-tools-1.9.7-1.60.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod24_dav_svn / subversion / subversion-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:45", "description": "Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2018-11782 Ace Olszowka reported that the Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer, leading to a denial of service.\n\n - CVE-2019-0203 Tomas Bortoli reported that the Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. If the server is configured with anonymous access enabled this could lead to a remote unauthenticated denial of service.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Debian DSA-4490-1 : subversion - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:subversion", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4490.NASL", "href": "https://www.tenable.com/plugins/nessus/127486", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4490. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127486);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_xref(name:\"DSA\", value:\"4490\");\n\n script_name(english:\"Debian DSA-4490-1 : subversion - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Subversion, a version\ncontrol system. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2018-11782\n Ace Olszowka reported that the Subversion's svnserve\n server process may exit when a well-formed read-only\n request produces a particular answer, leading to a\n denial of service.\n\n - CVE-2019-0203\n Tomas Bortoli reported that the Subversion's svnserve\n server process may exit when a client sends certain\n sequences of protocol commands. If the server is\n configured with anonymous access enabled this could lead\n to a remote unauthenticated denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-11782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-0203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/subversion\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4490\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the subversion packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 1.9.5-1+deb9u4.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1.10.4-1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libapache2-mod-svn\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libsvn-dev\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libsvn-doc\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libsvn-java\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libsvn-perl\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libsvn1\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python-subversion\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ruby-svn\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"subversion\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"subversion-tools\", reference:\"1.10.4-1+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libapache2-mod-svn\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-dev\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-doc\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-java\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn-perl\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsvn1\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-subversion\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ruby-svn\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"subversion\", reference:\"1.9.5-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"subversion-tools\", reference:\"1.9.5-1+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:14", "description": "Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service.\n(CVE-2018-11782)\n\nTomas Bortoli discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service.\n(CVE-2019-0203).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Subversion vulnerabilities (USN-4082-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsvn1", "p-cpe:/a:canonical:ubuntu_linux:subversion", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4082-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127799", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4082-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127799);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n script_xref(name:\"USN\", value:\"4082-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Subversion vulnerabilities (USN-4082-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ace Olszowka discovered that Subversion incorrectly handled certain\nsvnserve requests. A remote attacker could possibly use this issue to\ncause svnserver to crash, resulting in a denial of service.\n(CVE-2018-11782)\n\nTomas Bortoli discovered that Subversion incorrectly handled certain\nsvnserve requests. A remote attacker could possibly use this issue to\ncause svnserver to crash, resulting in a denial of service.\n(CVE-2019-0203).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4082-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libsvn1 and / or subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsvn1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libsvn1\", pkgver:\"1.9.3-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"subversion\", pkgver:\"1.9.3-2ubuntu1.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn1 / subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:25", "description": "This update for subversion to version 1.10.6 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-11782: Fixed a remote denial of service in svnserve 'get-deleted-rev' (bsc#1142743).\n\nCVE-2019-0203: Fixed a remote, unauthenticated denial of service in svnserve (bsc#1142721).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : subversion (SUSE-SU-2019:2031-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsvn_auth_gnome_keyring-1", "p-cpe:/a:novell:suse_linux:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:suse_linux:subversion", "p-cpe:/a:novell:suse_linux:subversion-debuginfo", "p-cpe:/a:novell:suse_linux:subversion-debugsource", "p-cpe:/a:novell:suse_linux:subversion-devel", "p-cpe:/a:novell:suse_linux:subversion-perl", "p-cpe:/a:novell:suse_linux:subversion-perl-debuginfo", "p-cpe:/a:novell:suse_linux:subversion-python", "p-cpe:/a:novell:suse_linux:subversion-python-ctypes", "p-cpe:/a:novell:suse_linux:subversion-python-debuginfo", "p-cpe:/a:novell:suse_linux:subversion-ruby", "p-cpe:/a:novell:suse_linux:subversion-ruby-debuginfo", "p-cpe:/a:novell:suse_linux:subversion-server", "p-cpe:/a:novell:suse_linux:subversion-server-debuginfo", "p-cpe:/a:novell:suse_linux:subversion-tools", "p-cpe:/a:novell:suse_linux:subversion-tools-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2031-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127760", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2031-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127760);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : subversion (SUSE-SU-2019:2031-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for subversion to version 1.10.6 fixes the following\nissues :\n\nSecurity issues fixed :\n\nCVE-2018-11782: Fixed a remote denial of service in svnserve\n'get-deleted-rev' (bsc#1142743).\n\nCVE-2019-0203: Fixed a remote, unauthenticated denial of service in\nsvnserve (bsc#1142721).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11782/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-0203/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192031-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?277a40da\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Server-Applications-15-SP1-2019-2031=1\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2019-2031=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2031=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2031=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2031=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2019-2031=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2031=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2031=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsvn_auth_gnome_keyring-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-python-ctypes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-debugsource-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-devel-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-perl-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-perl-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-python-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-python-ctypes-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-python-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-ruby-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-ruby-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-server-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-server-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-tools-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"subversion-tools-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsvn_auth_gnome_keyring-1-0-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-debugsource-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-devel-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-perl-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-perl-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-python-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-python-ctypes-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-python-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-ruby-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-ruby-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-server-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-server-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-tools-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"subversion-tools-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-debugsource-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-devel-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-perl-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-perl-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-python-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-python-ctypes-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-python-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-ruby-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-ruby-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-tools-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"subversion-tools-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsvn_auth_gnome_keyring-1-0-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-debugsource-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-devel-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-perl-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-perl-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-python-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-python-ctypes-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-python-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-ruby-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-ruby-debuginfo-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-tools-1.10.6-3.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"subversion-tools-debuginfo-1.10.6-3.6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:27:53", "description": "This update for subversion to version 1.10.6 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-11782: Fixed a remote denial of service in svnserve 'get-deleted-rev' (bsc#1142743).\n\n - CVE-2019-0203: Fixed a remote, unauthenticated denial of service in svnserve (bsc#1142721).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : subversion (openSUSE-2019-1910)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-ctypes", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1910.NASL", "href": "https://www.tenable.com/plugins/nessus/128002", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1910.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128002);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2019-1910)\");\n script_summary(english:\"Check for the openSUSE-2019-1910 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for subversion to version 1.10.6 fixes the following\nissues :\n\nSecurity issues fixed :\n\n - CVE-2018-11782: Fixed a remote denial of service in\n svnserve 'get-deleted-rev' (bsc#1142743).\n\n - CVE-2019-0203: Fixed a remote, unauthenticated denial of\n service in svnserve (bsc#1142721).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142743\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-ctypes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-bash-completion-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-debugsource-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-devel-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-perl-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-perl-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-python-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-python-ctypes-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-python-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-ruby-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-ruby-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-server-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-server-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-tools-1.10.6-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"subversion-tools-debuginfo-1.10.6-lp151.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:50", "description": "Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems :\n\nCVE-2018-11782\n\nAce Olszowka reported that the Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer, leading to a denial of service.\n\nCVE-2019-0203\n\nTomas Bortoli reported that the Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands.\nIf the server is configured with anonymous access enabled this could lead to a remote unauthenticated denial of service.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.8.10-6+deb8u7.\n\nWe recommend that you upgrade your subversion packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "Debian DLA-1903-1 : subversion security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-mod-svn", "p-cpe:/a:debian:debian_linux:libapache2-svn", "p-cpe:/a:debian:debian_linux:libsvn-dev", "p-cpe:/a:debian:debian_linux:libsvn-doc", "p-cpe:/a:debian:debian_linux:libsvn-java", "p-cpe:/a:debian:debian_linux:libsvn-perl", "p-cpe:/a:debian:debian_linux:libsvn-ruby1.8", "p-cpe:/a:debian:debian_linux:libsvn1", "p-cpe:/a:debian:debian_linux:python-subversion", "p-cpe:/a:debian:debian_linux:ruby-svn", "p-cpe:/a:debian:debian_linux:subversion", "p-cpe:/a:debian:debian_linux:subversion-dbg", "p-cpe:/a:debian:debian_linux:subversion-tools", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1903.NASL", "href": "https://www.tenable.com/plugins/nessus/128395", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1903-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128395);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-11782\", \"CVE-2019-0203\");\n\n script_name(english:\"Debian DLA-1903-1 : subversion security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Subversion, a version\ncontrol system. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\nCVE-2018-11782\n\nAce Olszowka reported that the Subversion's svnserve server process\nmay exit when a well-formed read-only request produces a particular\nanswer, leading to a denial of service.\n\nCVE-2019-0203\n\nTomas Bortoli reported that the Subversion's svnserve server process\nmay exit when a client sends certain sequences of protocol commands.\nIf the server is configured with anonymous access enabled this could\nlead to a remote unauthenticated denial of service.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.8.10-6+deb8u7.\n\nWe recommend that you upgrade your subversion packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00037.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/subversion\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn-ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsvn1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-svn\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-svn\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-dev\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-doc\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-java\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-perl\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn-ruby1.8\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsvn1\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-subversion\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-svn\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-dbg\", reference:\"1.8.10-6+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"subversion-tools\", reference:\"1.8.10-6+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:11", "description": "This update fixes the following security issues :\n\n - CVE-2015-5343: Possible remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. (bsc#958300)\n\n - CVE-2015-3184: mod_authz_svn information leak information in mixed anonymous/authenticated httpd (dav) configurations (bsc#939514)\n\n - CVE-2015-3187: hidden paths leaked by path-based authz (bsc#939517)", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : subversion (openSUSE-2015-949)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3184", "CVE-2015-3187", "CVE-2015-5343"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0", "p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo", "p-cpe:/a:novell:opensuse:subversion", "p-cpe:/a:novell:opensuse:subversion-bash-completion", "p-cpe:/a:novell:opensuse:subversion-debuginfo", "p-cpe:/a:novell:opensuse:subversion-debugsource", "p-cpe:/a:novell:opensuse:subversion-devel", "p-cpe:/a:novell:opensuse:subversion-perl", "p-cpe:/a:novell:opensuse:subversion-perl-debuginfo", "p-cpe:/a:novell:opensuse:subversion-python", "p-cpe:/a:novell:opensuse:subversion-python-debuginfo", "p-cpe:/a:novell:opensuse:subversion-ruby", "p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo", "p-cpe:/a:novell:opensuse:subversion-server", "p-cpe:/a:novell:opensuse:subversion-server-debuginfo", "p-cpe:/a:novell:opensuse:subversion-tools", "p-cpe:/a:novell:opensuse:subversion-tools-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2015-949.NASL", "href": "https://www.tenable.com/plugins/nessus/87624", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-949.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87624);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-3184\", \"CVE-2015-3187\", \"CVE-2015-5343\");\n\n script_name(english:\"openSUSE Security Update : subversion (openSUSE-2015-949)\");\n script_summary(english:\"Check for the openSUSE-2015-949 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - CVE-2015-5343: Possible remotely triggerable heap\n overflow and out-of-bounds read in mod_dav_svn caused by\n integer overflow when parsing skel-encoded request\n bodies. (bsc#958300)\n\n - CVE-2015-3184: mod_authz_svn information leak\n information in mixed anonymous/authenticated httpd (dav)\n configurations (bsc#939514)\n\n - CVE-2015-3187: hidden paths leaked by path-based authz\n (bsc#939517)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=939514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=939517\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958300\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected subversion packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_gnome_keyring-1-0-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_kwallet-1-0-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsvn_auth_kwallet-1-0-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-bash-completion-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-debugsource-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-devel-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-perl-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-perl-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-python-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-python-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-ruby-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-ruby-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-server-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-server-debuginfo-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-tools-1.8.10-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"subversion-tools-debuginfo-1.8.10-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsvn_auth_gnome_keyring-1-0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:11", "description": "Lieven Govaerts discovered that the Subversion mod_dav_svn module incorrectly handled certain request methods when SVNListParentPath was enabled. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2014-0032)\n\nBen Reser discovered that Subversion did not correctly validate SSL certificates containing wildcards. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2014-3522)\n\nBert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server. (CVE-2014-3528).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-08-15T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS : subversion vulnerabilities (USN-2316-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0032", "CVE-2014-3522", "CVE-2014-3528"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-svn", "p-cpe:/a:canonical:ubuntu_linux:libsvn1", "p-cpe:/a:canonical:ubuntu_linux:subversion", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2316-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2316-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77219);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0032\", \"CVE-2014-3522\", \"CVE-2014-3528\");\n script_bugtraq_id(65434, 68995, 69237);\n script_xref(name:\"USN\", value:\"2316-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS : subversion vulnerabilities (USN-2316-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Lieven Govaerts discovered that the Subversion mod_dav_svn module\nincorrectly handled certain request methods when SVNListParentPath was\nenabled. A remote attacker could use this issue to cause the server to\ncrash, resulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS. (CVE-2014-0032)\n\nBen Reser discovered that Subversion did not correctly validate SSL\ncertificates containing wildcards. A remote attacker could exploit\nthis to perform a man in the middle attack to view sensitive\ninformation or alter encrypted communications. (CVE-2014-3522)\n\nBert Huijben discovered that Subversion did not properly handle cached\ncredentials. A malicious server could possibly use this issue to\nobtain credentials cached for a different server. (CVE-2014-3528).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2316-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libapache2-svn, libsvn1 and / or subversion\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsvn1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:subversion\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-svn\", pkgver:\"1.6.17dfsg-3ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libsvn1\", pkgver:\"1.6.17dfsg-3ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"subversion\", pkgver:\"1.6.17dfsg-3ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsvn1\", pkgver:\"1.8.8-1ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"subversion\", pkgver:\"1.8.8-1ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-svn / libsvn1 / subversion\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "mageia": [{"lastseen": "2023-06-03T15:12:47", "description": "Updated subversion packages fix security vulnerabilities: Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially allowing a user to authenticate using the wrong realm (CVE-2016-2167). Ivan Zhakov of VisualSVN discovered a remotely triggerable denial of service vulnerability in the mod_authz_svn module during COPY or MOVE authorization check. An authenticated remote attacker could take advantage of this flaw to cause a denial of service (Subversion server crash) via COPY or MOVE requests with specially crafted header (CVE-2016-2168). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-05-05T09:05:33", "type": "mageia", "title": "Updated subversion packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-05-05T09:05:33", "id": "MGASA-2016-0161", "href": "https://advisories.mageia.org/MGASA-2016-0161.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:12:47", "description": "Subversion's mod_dontdothat module and clients using http(s):// are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack, otherwise known as the \"billion laughs attack\", targets XML parsers and can cause the targeted process to consume an excessive amount of CPU resources or memory (CVE-2016-8734). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-07T21:39:59", "type": "mageia", "title": "Updated subversion packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734"], "modified": "2017-01-07T21:39:59", "id": "MGASA-2017-0009", "href": "https://advisories.mageia.org/MGASA-2017-0009.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-09-09T12:40:39", "description": "Updated subversion packages fix security vulnerability: Subversion's httpd servers are vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies (CVE-2015-5343). This allows remote attackers with write access to a repository to cause a denial of service or possibly execute arbitrary code under the context of the httpd process. 32-bit server versions are vulnerable to both the denial-of-service attack and possible arbitrary code execution. 64-bit server versions are only vulnerable to the denial-of-service attack. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-12-28T19:23:26", "type": "mageia", "title": "Updated subversion packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 8.5, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5343"], "modified": "2015-12-28T19:23:26", "id": "MGASA-2015-0490", "href": "https://advisories.mageia.org/MGASA-2015-0490.html", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2023-09-28T09:09:51", "description": "Updated serf packages fix security vulnerability: Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications (CVE-2014-3504). \n", "cvss3": {}, "published": "2014-08-26T23:04:56", "type": "mageia", "title": "Updated serf packages fix CVE-2014-3504\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3504"], "modified": "2014-08-26T23:04:56", "id": "MGASA-2014-0353", "href": "https://advisories.mageia.org/MGASA-2014-0353.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-09-28T09:09:51", "description": "Updated subversion packages fix security vulnerabilities: Ben Reser discovered that Subversion did not correctly validate SSL certificates containing wildcards. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications (CVE-2014-3522). Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server (CVE-2014-3528). The subversion package has been updated to 1.8.10 to fix these issues and other bugs. \n", "cvss3": {}, "published": "2014-08-21T09:36:13", "type": "mageia", "title": "Updated subversion packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3522", "CVE-2014-3528"], "modified": "2014-08-21T09:36:13", "id": "MGASA-2014-0339", "href": "https://advisories.mageia.org/MGASA-2014-0339.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-07-16T16:33:27", "description": "Updated subversion packages fix security vulnerabilities: Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer (CVE-2018-11782). Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands (CVE-2019-0203). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-06T21:09:08", "type": "mageia", "title": "Updated subversion packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-08-31T15:49:48", "id": "MGASA-2019-0243", "href": "https://advisories.mageia.org/MGASA-2019-0243.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2023-06-03T15:24:51", "description": "**Issue Overview:**\n\nThe canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. (CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. (CVE-2016-2168)\n\n \n**Affected Packages:** \n\n\nsubversion\n\n \n**Issue Correction:** \nRun _yum update subversion_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 subversion-perl-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-javahl-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-devel-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python26-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-tools-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-ruby-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_dav_svn-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python27-1.9.4-2.54.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-libs-1.9.4-2.54.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 subversion-1.9.4-2.54.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 subversion-python27-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-ruby-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-tools-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-perl-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-javahl-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-devel-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-libs-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-python26-1.9.4-2.54.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_dav_svn-1.9.4-2.54.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2016-2167](<https://access.redhat.com/security/cve/CVE-2016-2167>), [CVE-2016-2168](<https://access.redhat.com/security/cve/CVE-2016-2168>)\n\nMitre: [CVE-2016-2167](<https://vulners.com/cve/CVE-2016-2167>), [CVE-2016-2168](<https://vulners.com/cve/CVE-2016-2168>)\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-06-02T18:08:00", "type": "amazon", "title": "Medium: subversion", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-06-03T19:46:00", "id": "ALAS-2016-709", "href": "https://alas.aws.amazon.com/ALAS-2016-709.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:24:49", "description": "**Issue Overview:**\n\nThe canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. (CVE-2016-2167)\n\nThe req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. (CVE-2016-2168)\n\n \n**Affected Packages:** \n\n\nmod_dav_svn\n\n \n**Issue Correction:** \nRun _yum update mod_dav_svn_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 mod_dav_svn-debuginfo-1.9.4-2.52.amzn1.i686 \n \u00a0\u00a0\u00a0 mod_dav_svn-1.9.4-2.52.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 mod_dav_svn-1.9.4-2.52.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 mod_dav_svn-1.9.4-2.52.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod_dav_svn-debuginfo-1.9.4-2.52.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2016-2167](<https://access.redhat.com/security/cve/CVE-2016-2167>), [CVE-2016-2168](<https://access.redhat.com/security/cve/CVE-2016-2168>)\n\nMitre: [CVE-2016-2167](<https://vulners.com/cve/CVE-2016-2167>), [CVE-2016-2168](<https://vulners.com/cve/CVE-2016-2168>)\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-06-02T18:09:00", "type": "amazon", "title": "Medium: mod_dav_svn", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-06-03T19:46:00", "id": "ALAS-2016-710", "href": "https://alas.aws.amazon.com/ALAS-2016-710.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-09-28T09:54:56", "description": "**Issue Overview:**\n\nThe (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.\n\n \n**Affected Packages:** \n\n\nlibserf\n\n \n**Issue Correction:** \nRun _yum update libserf_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 libserf-debuginfo-1.3.7-1.6.amzn1.i686 \n \u00a0\u00a0\u00a0 libserf-devel-1.3.7-1.6.amzn1.i686 \n \u00a0\u00a0\u00a0 libserf-1.3.7-1.6.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 libserf-1.3.7-1.6.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 libserf-1.3.7-1.6.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libserf-devel-1.3.7-1.6.amzn1.x86_64 \n \u00a0\u00a0\u00a0 libserf-debuginfo-1.3.7-1.6.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3504](<https://access.redhat.com/security/cve/CVE-2014-3504>)\n\nMitre: [CVE-2014-3504](<https://vulners.com/cve/CVE-2014-3504>)\n", "cvss3": {}, "published": "2014-09-03T14:37:00", "type": "amazon", "title": "Medium: libserf", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3504"], "modified": "2014-09-19T11:49:00", "id": "ALAS-2014-397", "href": "https://alas.aws.amazon.com/ALAS-2014-397.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:22:12", "description": "**Issue Overview:**\n\nIt was discovered that Subversion's mod_dontdothat module and Subversion clients using http(s):// are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. An authenticated remote attacker can cause denial-of-service conditions on the server using mod_dontdothat by sending a specially crafted REPORT request. The attack does not require access to a particular repository.\n\n \n**Affected Packages:** \n\n\nsubversion, mod_dav_svn\n\n \n**Issue Correction:** \nRun _yum update subversion_ to update your system. \nRun _yum update mod_dav_svn_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 mod_dav_svn-debuginfo-1.9.5-2.53.amzn1.i686 \n \u00a0\u00a0\u00a0 mod_dav_svn-1.9.5-2.53.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-devel-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_dav_svn-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-ruby-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-perl-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python27-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-javahl-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-libs-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-tools-1.9.5-1.56.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python26-1.9.5-1.56.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 mod_dav_svn-1.9.5-2.53.amzn1.src \n \u00a0\u00a0\u00a0 subversion-1.9.5-1.56.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 mod_dav_svn-debuginfo-1.9.5-2.53.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod_dav_svn-1.9.5-2.53.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-libs-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_dav_svn-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-python26-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-ruby-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-perl-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-python27-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-devel-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-tools-1.9.5-1.56.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-javahl-1.9.5-1.56.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2016-8734](<https://access.redhat.com/security/cve/CVE-2016-8734>)\n\nMitre: [CVE-2016-8734](<https://vulners.com/cve/CVE-2016-8734>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-06T18:00:00", "type": "amazon", "title": "Medium: subversion, mod_dav_svn", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734"], "modified": "2017-02-06T18:00:00", "id": "ALAS-2017-794", "href": "https://alas.aws.amazon.com/ALAS-2017-794.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-09-28T09:50:08", "description": "**Issue Overview:**\n\nThe Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.\n\n \n**Affected Packages:** \n\n\nsubversion\n\n \n**Issue Correction:** \nRun _yum update subversion_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 subversion-tools-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-libs-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-ruby-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 mod_dav_svn-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-javahl-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-perl-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-devel-1.8.10-1.44.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.8.10-1.44.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 subversion-1.8.10-1.44.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 subversion-javahl-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-devel-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-libs-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-python-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-perl-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-ruby-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod_dav_svn-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-tools-1.8.10-1.44.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-1.8.10-1.44.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3522](<https://access.redhat.com/security/cve/CVE-2014-3522>)\n\nMitre: [CVE-2014-3522](<https://vulners.com/cve/CVE-2014-3522>)\n", "cvss3": {}, "published": "2014-09-17T21:48:00", "type": "amazon", "title": "Medium: subversion", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3522"], "modified": "2014-09-19T12:09:00", "id": "ALAS-2014-413", "href": "https://alas.aws.amazon.com/ALAS-2014-413.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-07-16T17:38:15", "description": "**Issue Overview:**\n\nIn Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.(CVE-2018-11782)\n\nIn Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.(CVE-2019-0203)\n\n \n**Affected Packages:** \n\n\nsubversion\n\n \n**Issue Correction:** \nRun _yum update subversion_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 subversion-devel-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-javahl-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_dav_svn-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-libs-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python26-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-tools-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-python27-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-perl-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.9.7-1.60.amzn1.i686 \n \u00a0\u00a0\u00a0 subversion-ruby-1.9.7-1.60.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 subversion-1.9.7-1.60.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 mod24_dav_svn-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-python27-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-tools-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-perl-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-ruby-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-devel-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-debuginfo-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-libs-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-python26-1.9.7-1.60.amzn1.x86_64 \n \u00a0\u00a0\u00a0 subversion-javahl-1.9.7-1.60.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-11782](<https://access.redhat.com/security/cve/CVE-2018-11782>), [CVE-2019-0203](<https://access.redhat.com/security/cve/CVE-2019-0203>)\n\nMitre: [CVE-2018-11782](<https://vulners.com/cve/CVE-2018-11782>), [CVE-2019-0203](<https://vulners.com/cve/CVE-2019-0203>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-04T18:16:00", "type": "amazon", "title": "Important: subversion", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-11-07T00:23:00", "id": "ALAS-2019-1317", "href": "https://alas.aws.amazon.com/ALAS-2019-1317.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2023-06-28T06:32:07", "description": "\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\n* [CVE-2016-2167](https://security-tracker.debian.org/tracker/CVE-2016-2167)\nDaniel Shahaf and James McCoy discovered that an implementation\n error in the authentication against the Cyrus SASL library would\n permit a remote user to specify a realm string which is a prefix of\n the expected realm string and potentially allowing a user to\n authenticate using the wrong realm.\n* [CVE-2016-2168](https://security-tracker.debian.org/tracker/CVE-2016-2168)\nIvan Zhakov of VisualSVN discovered a remotely triggerable denial\n of service vulnerability in the mod\\_authz\\_svn module during COPY or\n MOVE authorization check. An authenticated remote attacker could\n take advantage of this flaw to cause a denial of service\n (Subversion server crash) via COPY or MOVE requests with specially\n crafted header.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.8.10-6+deb8u4.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.4-1.\n\n\nWe recommend that you upgrade your subversion packages.\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-04-29T00:00:00", "type": "osv", "title": "subversion - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2023-06-28T06:32:04", "id": "OSV:DSA-3561-1", "href": "https://osv.dev/vulnerability/DSA-3561-1", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-28T06:34:44", "description": "\n* [CVE-2016-2167](https://security-tracker.debian.org/tracker/CVE-2016-2167)\nsvnserve, the svn:// protocol server, can optionally use the Cyrus\n SASL library for authentication, integrity protection, and encryption.\n Due to a programming oversight, authentication against Cyrus SASL\n would permit the remote user to specify a realm string which is\n a prefix of the expected realm string.\n* [CVE-2016-2168](https://security-tracker.debian.org/tracker/CVE-2016-2168)\nSubversion's httpd servers are vulnerable to a remotely triggerable crash\n in the mod\\_authz\\_svn module. The crash can occur during an authorization\n check for a COPY or MOVE request with a specially crafted header value.\n\n\nThis allows remote attackers to cause a denial of service.\n\n\nFor Debian 7 Wheezy, these issues have been fixed in subversion version 1.6.17dfsg-4+deb7u11\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-05-01T00:00:00", "type": "osv", "title": "subversion - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2023-06-28T06:34:04", "id": "OSV:DLA-448-1", "href": "https://osv.dev/vulnerability/DLA-448-1", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-04-11T01:40:25", "description": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks. As of version 2.9, this functionality properly checks permissions and is only available via POST.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-17T00:29:00", "type": "osv", "title": "Jenkins Subversion Plugin Cross-Site Request Forgery vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000085"], "modified": "2023-04-11T01:40:19", "id": "OSV:GHSA-HRWC-PQFM-G6QF", "href": "https://osv.dev/vulnerability/GHSA-hrwc-pqfm-g6qf", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-21T08:26:23", "description": "\nIvan Zhakov discovered an integer overflow in mod\\_dav\\_svn, which allows\nan attacker with write access to the server to execute arbitrary code or\ncause a denial of service.\n\n\nThe oldstable distribution (wheezy) is not affected.\n\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.8.10-6+deb8u2.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.9.3-1.\n\n\nWe recommend that you upgrade your subversion packages.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 7.6, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.7}, "published": "2015-12-16T00:00:00", "type": "osv", "title": "subversion - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": true, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5343"], "modified": "2022-07-21T05:48:53", "id": "OSV:DSA-3424-1", "href": "https://osv.dev/vulnerability/DSA-3424-1", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2023-04-11T01:28:01", "description": "An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in `SubversionStatus.java` and `SubversionRepositoryStatus.java` that allows an attacker with network access to obtain a list of nodes and users. As of version 2.10.3, the class handling requests to /subversion/ no longer extends the class handling requests to the \u2026/search/ sub-path, therefore any such requests will fail.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-13T01:48:32", "type": "osv", "title": "Jenkins Subversion Plugin Incorrect Authorization vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000111"], "modified": "2023-04-11T01:27:58", "id": "OSV:GHSA-W9GQ-8Q35-3JCC", "href": "https://osv.dev/vulnerability/GHSA-w9gq-8q35-3jcc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-28T05:45:37", "description": "Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.\n\nThis allows attackers able to control an agent process to have Jenkins parse a crafted changelog file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.\n\nSubversion Plugin 2.13.2 disables external entity resolution for its XML parser.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-24T17:33:07", "type": "osv", "title": "XXE vulnerability in Jenkins Subversion Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2304"], "modified": "2023-03-28T05:45:31", "id": "OSV:GHSA-VP5F-8JGW-J53C", "href": "https://osv.dev/vulnerability/GHSA-vp5f-8jgw-j53c", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-03-28T05:28:58", "description": "Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability. Subversion Plugin 2.13.1 escapes the affected part of the error message.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-05-24T17:08:46", "type": "osv", "title": "Subversion Plugin stored XSS vulnerability before v2.13.1", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2111"], "modified": "2023-03-28T05:28:41", "id": "OSV:GHSA-X3PR-FCGM-WJGC", "href": "https://osv.dev/vulnerability/GHSA-x3pr-fcgm-wjgc", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-06-28T06:50:35", "description": "\nSeveral problems were discovered in Subversion, a centralised version\ncontrol system.\n\n\n* [CVE-2016-8734](https://security-tracker.debian.org/tracker/CVE-2016-8734)\n(jessie only)\n\n\nSubversion's mod\\_dontdothat server module and Subversion clients\n using http(s):// were vulnerable to a denial-of-service attack\n caused by exponential XML entity expansion.\n* [CVE-2017-9800](https://security-tracker.debian.org/tracker/CVE-2017-9800)\nJoern Schneeweisz discovered that Subversion did not correctly\n handle maliciously constructed svn+ssh:// URLs. This allowed an\n attacker to run an arbitrary shell command, for instance via\n svn:externals properties or when using svnsync sync.\n\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 1.8.10-6+deb8u5.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.9.5-1+deb9u1.\n\n\nWe recommend that you upgrade your subversion packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-10T00:00:00", "type": "osv", "title": "subversion - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734", "CVE-2017-9800"], "modified": "2023-06-28T06:50:06", "id": "OSV:DSA-3932-1", "href": "https://osv.dev/vulnerability/DSA-3932-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:18:35", "description": "\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\n* [CVE-2018-11782](https://security-tracker.debian.org/tracker/CVE-2018-11782)\nAce Olszowka reported that the Subversion's svnserve server process\n may exit when a well-formed read-only request produces a particular\n answer, leading to a denial of service.\n* [CVE-2019-0203](https://security-tracker.debian.org/tracker/CVE-2019-0203)\nTomas Bortoli reported that the Subversion's svnserve server process\n may exit when a client sends certain sequences of protocol commands.\n If the server is configured with anonymous access enabled this could\n lead to a remote unauthenticated denial of service.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.8.10-6+deb8u7.\n\n\nWe recommend that you upgrade your subversion packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-08-29T00:00:00", "type": "osv", "title": "subversion - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0203", "CVE-2018-11782"], "modified": "2022-08-05T05:18:33", "id": "OSV:DLA-1903-1", "href": "https://osv.dev/vulnerability/DLA-1903-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-28T06:52:11", "description": "\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\n* [CVE-2018-11782](https://security-tracker.debian.org/tracker/CVE-2018-11782)\nAce Olszowka reported that the Subversion's svnserve server process\n may exit when a well-formed read-only request produces a particular\n answer, leading to a denial of service.\n* [CVE-2019-0203](https://security-tracker.debian.org/tracker/CVE-2019-0203)\nTomas Bortoli reported that the Subversion's svnserve server process\n may exit when a client sends certain sequences of protocol commands.\n If the server is configured with anonymous access enabled this could\n lead to a remote unauthenticated denial of service.\n\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1.9.5-1+deb9u4.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.10.4-1+deb10u1.\n\n\nWe recommend that you upgrade your subversion packages.\n\n\nFor the detailed security status of subversion please refer to its\nsecurity tracker page at:\n<https://security-tracker.debian.org/tracker/subversion>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-01T00:00:00", "type": "osv", "title": "subversion - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2023-06-28T06:51:08", "id": "OSV:DSA-4490-1", "href": "https://osv.dev/vulnerability/DSA-4490-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2023-06-03T15:04:39", "description": "\n\nSubversion project reports:\n\nsvnserve, the svn:// protocol server, can optionally use the Cyrus\n\t SASL library for authentication, integrity protection, and encryption.\n\t Due to a programming oversight, authentication against Cyrus SASL\n\t would permit the remote user to specify a realm string which is\n\t a prefix of the expected realm string.\n\n\nSubversion's httpd servers are vulnerable to a remotely triggerable crash\n\t in the mod_authz_svn module. The crash can occur during an authorization\n\t check for a COPY or MOVE request with a specially crafted header value.\nThis allows remote attackers to cause a denial of service.\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-04-21T00:00:00", "type": "freebsd", "title": "subversion -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-04-21T00:00:00", "id": "C8174B63-0D3A-11E6-B06E-D43D7EED0CE2", "href": "https://vuxml.freebsd.org/freebsd/c8174b63-0d3a-11e6-b06e-d43d7eed0ce2.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:04:39", "description": "\n\nThe Apache Software Foundation reports:\n\nThe mod_dontdothat module of subversion and subversion clients using\n\t http(s):// are vulnerable to a denial-of-service attack, caused by\n\t exponential XML entity expansion. The attack targets XML parsers\n\t causing targeted process to consume excessive amounts of resources.\n\t The attack is also known as the \"billions of laughs attack.\"\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-11-29T00:00:00", "type": "freebsd", "title": "subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734"], "modified": "2016-11-29T00:00:00", "id": "AC256985-B6A9-11E6-A3BF-206A8A720317", "href": "https://vuxml.freebsd.org/freebsd/ac256985-b6a9-11e6-a3bf-206a8a720317.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-09-28T08:56:19", "description": "\n\nserf Development list reports:\n\nSerf provides APIs to retrieve information about a certificate. These\n\t APIs return the information as NUL terminated strings (commonly called C\n\t strings). X.509 uses counted length strings which may include a NUL byte.\n\t This means that a library user will interpret any information as ending\n\t upon seeing this NUL byte and will only see a partial value for that field.\n\t \nAttackers could exploit this vulnerability to create a certificate that a\n\t client will accept for a different hostname than the full certificate is\n\t actually for by embedding a NUL byte in the certificate.\nThis can lead to a man-in-the-middle attack. There are no known instances\n\t of this problem being exploited in the wild and in practice it should be\n\t difficult to actually exploit this vulnerability.\n\n\n", "cvss3": {}, "published": "2014-08-06T00:00:00", "type": "freebsd", "title": "serf -- SSL Certificate Null Byte Poisoning", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3504"], "modified": "2014-08-06T00:00:00", "id": "69048656-2187-11E4-802C-20CF30E32F6D", "href": "https://vuxml.freebsd.org/freebsd/69048656-2187-11e4-802c-20cf30e32f6d.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-09-09T12:37:19", "description": "\n\nSubversion Project reports:\n\nRemotely triggerable heap overflow and out-of-bounds read caused\n\t by integer overflow in the svn:// protocol parser.\nRemotely triggerable heap overflow and out-of-bounds read in\n\t mod_dav_svn caused by integer overflow when parsing skel-encoded\n\t request bodies.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-11-14T00:00:00", "type": "freebsd", "title": "subversion -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5259", "CVE-2015-5343"], "modified": "2015-11-14T00:00:00", "id": "DAADEF86-A366-11E5-8B40-20CF30E32F6D", "href": "https://vuxml.freebsd.org/freebsd/daadef86-a366-11e5-8b40-20cf30e32f6d.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-09-28T08:56:19", "description": "\n\nSubversion Project reports:\n\nUsing the Serf RA layer of Subversion for HTTPS uses the apr_fnmatch API\n\t to handle matching wildcards in certificate Common Names and Subject\n\t Alternate Names. However, apr_fnmatch is not designed for this purpose.\n\t Instead it is designed to behave like common shell globbing. In particular\n\t this means that '*' is not limited to a single label within a hostname\n\t (i.e. it will match '.'). But even further apr_fnmatch supports '?' and\n\t character classes (neither of which are part of the RFCs defining how\n\t certificate validation works).\nSubversion stores cached credentials by an MD5 hash based on the URL and\n\t the authentication realm of the server the credentials are cached for.\n\t MD5 has been shown to be subject to chosen plaintext hash collisions.\n\t This means it may be possible to generate an authentication realm which\n\t results in the same MD5 hash for a different URL.\n\n\n", "cvss3": {}, "published": "2014-08-06T00:00:00", "type": "freebsd", "title": "subversion -- several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3522", "CVE-2014-3528"], "modified": "2014-08-06T00:00:00", "id": "83A418CC-2182-11E4-802C-20CF30E32F6D", "href": "https://vuxml.freebsd.org/freebsd/83a418cc-2182-11e4-802c-20cf30e32f6d.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2016-05-10T11:50:37", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: subversion-1.9.4-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-05-10T11:50:37", "id": "FEDORA:4499A605712E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RE5JP2JU46BL44WYB5GUNJUJDLJ6VXYW/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2016-05-12T07:32:42", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: subversion-1.9.4-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-05-12T07:32:42", "id": "FEDORA:F2C4A6133CC5", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KU6GUCBJZFZBNPS32NSO2WQIDNCHGC56/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-06T07:53:57", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: subversion-1.9.5-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734"], "modified": "2017-01-06T07:53:57", "id": "FEDORA:612B46093936", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/H2SWPD4GI3BJOKUQA6XOPBR4LVLJPTMY/", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "The serf library is a C-based HTTP client library built upon the Apache Portable Runtime (APR) library. It multiplexes connections, running the read/write communication asynchronously. Memory copies and transformations are kept to a minimum to provide high performance operation. ", "cvss3": {}, "published": "2014-08-23T01:59:00", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libserf-1.3.7-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3504"], "modified": "2014-08-23T01:59:00", "id": "FEDORA:C829623572", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EEBIL3YVNWV642UWBXYL7W2IOUKV2EEM/", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "cvss3": {}, "published": "2014-08-28T15:33:58", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: subversion-1.8.10-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3522"], "modified": "2014-08-28T15:33:58", "id": "FEDORA:1A4CA237F1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KVX46REGSEUBQAFXSLKUZ5OV6D344LFA/", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.7}, "published": "2015-12-22T22:09:43", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: subversion-1.9.3-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5259", "CVE-2015-5343"], "modified": "2015-12-22T22:09:43", "id": "FEDORA:89A8F601CFB9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RL6D5STRTJJZSIISEEPAFL37Q5W3YKLU/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-08-06T01:19:43", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: subversion-1.12.2-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-08-06T01:19:43", "id": "FEDORA:6162D6076968", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JJTOZLIYIINAM3ZQORMBF275VXCUBYAS/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:41", "description": "- CVE-2016-2167 (authentication restriction bypass)\n\nThe canonicalize_username function in svnserve/cyrus_auth.c, when Cyrus\nSASL authentication is used, allows remote attackers to authenticate\nand bypass intended access restrictions via a realm string that is a\nprefix of an expected repository realm string.\n\n- CVE-2016-2168 (denial of service)\n\nThe req_check_access function in the mod_authz_svn module in the httpd\nserver allows remote authenticated users to cause a denial of service\n(NULL pointer dereference and crash) via a crafted header in a (1) MOVE\nor (2) COPY request, involving an authorization check.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2016-06-08T00:00:00", "type": "archlinux", "title": "subversion: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2168", "CVE-2016-2167"], "modified": "2016-06-08T00:00:00", "id": "ASA-201606-6", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html", "cvss": {"score": 4.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2023-07-16T15:12:13", "description": "Arch Linux Security Advisory ASA-201908-10\n==========================================\n\nSeverity: High\nDate : 2019-08-16\nCVE-ID : CVE-2018-11782 CVE-2019-0203\nPackage : subversion\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1016\n\nSummary\n=======\n\nThe package subversion before version 1.12.2-1 is vulnerable to denial\nof service.\n\nResolution\n==========\n\nUpgrade to 1.12.2-1.\n\n# pacman -Syu \"subversion>=1.12.2-1\"\n\nThe problems have been fixed upstream in version 1.12.2.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-11782 (denial of service)\n\nSubversion svn:// connections, including svn+ssh:// and\nsvn+<custom>://, use a custom network protocol [1] with Lisp-like\nsyntax. The code implementing the protocol has dedicated codepaths for\nserialization of revision numbers into protocol integers. A particular\nclient query could cause the server to attempt to reply with a revision\nnumber whose value is the invalid revision number constant\n`SVN_INVALID_REVNUM`, thereby triggering an assertion failure in the\nthe serialization layer.\n\n- CVE-2019-0203 (denial of service)\n\nA null-pointer-dereference has been found in svnserve that results in a\nremote unauthenticated Denial-of-Service in some server configurations.\nThe vulnerability can be triggered by an unauthenticated user if the\nserver is configured with anonymous access enabled.\n\nImpact\n======\n\nA remote attacker is able to cause a denial of service by sending a\nspecial packet.\n\nReferences\n==========\n\nhttp://subversion.apache.org/security/CVE-2018-11782-advisory.txt\nhttp://subversion.apache.org/security/CVE-2019-0203-advisory.txt\nhttps://security.archlinux.org/CVE-2018-11782\nhttps://security.archlinux.org/CVE-2019-0203", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-16T00:00:00", "type": "archlinux", "title": "[ASA-201908-10] subversion: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-08-16T00:00:00", "id": "ASA-201908-10", "href": "https://security.archlinux.org/ASA-201908-10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2023-05-02T16:09:37", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3561-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 29, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2016-2167 CVE-2016-2168\n\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2016-2167\n\n Daniel Shahaf and James McCoy discovered that an implementation\n error in the authentication against the Cyrus SASL library would\n permit a remote user to specify a realm string which is a prefix of\n the expected realm string and potentially allowing a user to\n authenticate using the wrong realm.\n\nCVE-2016-2168\n\n Ivan Zhakov of VisualSVN discovered a remotely triggerable denial\n of service vulnerability in the mod_authz_svn module during COPY or\n MOVE authorization check. An authenticated remote attacker could\n take advantage of this flaw to cause a denial of service\n (Subversion server crash) via COPY or MOVE requests with specially\n crafted header.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.8.10-6+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.4-1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-04-29T13:04:16", "type": "debian", "title": "[SECURITY] [DSA 3561-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-04-29T13:04:16", "id": "DEBIAN:DSA-3561-1:D3809", "href": "https://lists.debian.org/debian-security-announce/2016/msg00137.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-12-06T04:35:18", "description": "Package : subversion\nVersion : 1.6.17dfsg-4+deb7u11\nCVE ID : CVE-2016-2167 CVE-2016-2168\n\nCVE-2016-2167\n\n svnserve, the svn:// protocol server, can optionally use the Cyrus\n SASL library for authentication, integrity protection, and encryption.\n Due to a programming oversight, authentication against Cyrus SASL\n would permit the remote user to specify a realm string which is\n a prefix of the expected realm string.\n\n\nCVE-2016-2168\n\n Subversion's httpd servers are vulnerable to a remotely triggerable crash\n in the mod_authz_svn module. The crash can occur during an authorization\n check for a COPY or MOVE request with a specially crafted header value.\n\n This allows remote attackers to cause a denial of service.\n\n-- \nJames\nGPG Key: 4096R/331BA3DB 2011-12-05 James McCoy <jamessan@debian.org>\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2016-05-01T02:26:52", "type": "debian", "title": "[SECURITY] [DLA 448-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-05-01T02:26:52", "id": "DEBIAN:DLA-448-1:46817", "href": "https://lists.debian.org/debian-lts-announce/2016/05/msg00000.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-10-21T22:15:24", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3561-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 29, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2016-2167 CVE-2016-2168\n\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2016-2167\n\n Daniel Shahaf and James McCoy discovered that an implementation\n error in the authentication against the Cyrus SASL library would\n permit a remote user to specify a realm string which is a prefix of\n the expected realm string and potentially allowing a user to\n authenticate using the wrong realm.\n\nCVE-2016-2168\n\n Ivan Zhakov of VisualSVN discovered a remotely triggerable denial\n of service vulnerability in the mod_authz_svn module during COPY or\n MOVE authorization check. An authenticated remote attacker could\n take advantage of this flaw to cause a denial of service\n (Subversion server crash) via COPY or MOVE requests with specially\n crafted header.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.8.10-6+deb8u4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.4-1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2016-04-29T13:04:16", "type": "debian", "title": "[SECURITY] [DSA 3561-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-04-29T13:04:16", "id": "DEBIAN:DSA-3561-1:A2BC9", "href": "https://lists.debian.org/debian-security-announce/2016/msg00137.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-05-02T16:28:25", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3424-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 16, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2015-5343\n\nIvan Zhakov discovered an integer overflow in mod_dav_svn, which allows\nan attacker with write access to the server to execute arbitrary code or\ncause a denial of service.\n\nThe oldstable distribution (wheezy) is not affected.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.8.10-6+deb8u2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.9.3-1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-12-16T22:36:40", "type": "debian", "title": "[SECURITY] [DSA 3424-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 8.5, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5343"], "modified": "2015-12-16T22:36:40", "id": "DEBIAN:DSA-3424-1:19C68", "href": "https://lists.debian.org/debian-security-announce/2015/msg00329.html", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}, {"lastseen": "2023-05-02T16:01:02", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3932-1 security@debian.org\nhttps://www.debian.org/security/ Sebastien Delafond\nAugust 10, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2016-8734 CVE-2017-9800\n\nSeveral problems were discovered in Subversion, a centralised version\ncontrol system.\n\nCVE-2016-8734 (jessie only)\n\n Subversion's mod_dontdothat server module and Subversion clients\n using http(s):// were vulnerable to a denial-of-service attack\n caused by exponential XML entity expansion.\n\nCVE-2017-9800\n\n Joern Schneeweisz discovered that Subversion did not correctly\n handle maliciously constructed svn+ssh:// URLs. This allowed an\n attacker to run an arbitrary shell command, for instance via\n svn:externals properties or when using 'svnsync sync'.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 1.8.10-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.9.5-1+deb9u1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-10T18:49:53", "type": "debian", "title": "[SECURITY] [DSA 3932-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734", "CVE-2017-9800"], "modified": "2017-08-10T18:49:53", "id": "DEBIAN:DSA-3932-1:A3186", "href": "https://lists.debian.org/debian-security-announce/2017/msg00194.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T21:57:32", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3932-1 security@debian.org\nhttps://www.debian.org/security/ Sebastien Delafond\nAugust 10, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2016-8734 CVE-2017-9800\n\nSeveral problems were discovered in Subversion, a centralised version\ncontrol system.\n\nCVE-2016-8734 (jessie only)\n\n Subversion's mod_dontdothat server module and Subversion clients\n using http(s):// were vulnerable to a denial-of-service attack\n caused by exponential XML entity expansion.\n\nCVE-2017-9800\n\n Joern Schneeweisz discovered that Subversion did not correctly\n handle maliciously constructed svn+ssh:// URLs. This allowed an\n attacker to run an arbitrary shell command, for instance via\n svn:externals properties or when using 'svnsync sync'.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 1.8.10-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.9.5-1+deb9u1.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-10T18:49:53", "type": "debian", "title": "[SECURITY] [DSA 3932-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8734", "CVE-2017-9800"], "modified": "2017-08-10T18:49:53", "id": "DEBIAN:DSA-3932-1:2FDE9", "href": "https://lists.debian.org/debian-security-announce/2017/msg00194.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-05T22:36:15", "description": "Package : subversion\nVersion : 1.8.10-6+deb8u7\nCVE ID : CVE-2018-11782 CVE-2019-0203\n\n\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2018-11782\n\n Ace Olszowka reported that the Subversion's svnserve server process\n may exit when a well-formed read-only request produces a particular\n answer, leading to a denial of service.\n\nCVE-2019-0203\n\n Tomas Bortoli reported that the Subversion's svnserve server process\n may exit when a client sends certain sequences of protocol commands.\n If the server is configured with anonymous access enabled this could\n lead to a remote unauthenticated denial of service.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.8.10-6+deb8u7.\n\nWe recommend that you upgrade your subversion packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-29T21:14:54", "type": "debian", "title": "[SECURITY] [DLA 1903-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-08-29T21:14:54", "id": "DEBIAN:DLA-1903-1:C00A6", "href": "https://lists.debian.org/debian-lts-announce/2019/08/msg00037.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T18:39:23", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4490-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 01, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2018-11782 CVE-2019-0203\n\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2018-11782\n\n Ace Olszowka reported that the Subversion's svnserve server process\n may exit when a well-formed read-only request produces a particular\n answer, leading to a denial of service.\n\nCVE-2019-0203\n\n Tomas Bortoli reported that the Subversion's svnserve server process\n may exit when a client sends certain sequences of protocol commands.\n If the server is configured with anonymous access enabled this could\n lead to a remote unauthenticated denial of service.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1.9.5-1+deb9u4.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.10.4-1+deb10u1.\n\nWe recommend that you upgrade your subversion packages.\n\nFor the detailed security status of subversion please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/subversion\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-07-31T22:07:24", "type": "debian", "title": "[SECURITY] [DSA 4490-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-07-31T22:07:24", "id": "DEBIAN:DSA-4490-1:D05C2", "href": "https://lists.debian.org/debian-security-announce/2019/msg00138.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-26T15:04:42", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4490-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 01, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : subversion\nCVE ID : CVE-2018-11782 CVE-2019-0203\n\nSeveral vulnerabilities were discovered in Subversion, a version control\nsystem. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2018-11782\n\n Ace Olszowka reported that the Subversion's svnserve server process\n may exit when a well-formed read-only request produces a particular\n answer, leading to a denial of service.\n\nCVE-2019-0203\n\n Tomas Bortoli reported that the Subversion's svnserve server process\n may exit when a client sends certain sequences of protocol commands.\n If the server is configured with anonymous access enabled this could\n lead to a remote unauthenticated denial of service.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1.9.5-1+deb9u4.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.10.4-1+deb10u1.\n\nWe recommend that you upgrade your subversion packages.\n\nFor the detailed security status of subversion please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/subversion\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-31T22:07:24", "type": "debian", "title": "[SECURITY] [DSA 4490-1] subversion security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-07-31T22:07:24", "id": "DEBIAN:DSA-4490-1:715F8", "href": "https://lists.debian.org/debian-security-announce/2019/msg00138.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "kaspersky": [{"lastseen": "2023-06-03T15:32:35", "description": "### *Detect date*:\n05/05/2016\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apache Subversion. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions.\n\n### *Affected products*:\nApache Subversions versions earlier than 1.8.16 \nApache Subversions 1.9 versions earlier than 1.9.4\n\n### *Solution*:\nUpdate to the latest version \n[Apache Subversion download page](<http://subversion.apache.org/download.cgi>)\n\n### *Original advisories*:\n[Apache advisory 2168](<http://subversion.apache.org/security/CVE-2016-2168-advisory.txt>) \n[Apache advisory 2167](<http://subversion.apache.org/security/CVE-2016-2167-advisory.txt>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Apache Subversion](<https://threats.kaspersky.com/en/product/Apache-Subversion/>)\n\n### *CVE-IDS*:\n[CVE-2016-2167](<https://vulners.com/cve/CVE-2016-2167>)4.9Warning \n[CVE-2016-2168](<https://vulners.com/cve/CVE-2016-2168>)4.0Warning", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-05-05T00:00:00", "type": "kaspersky", "title": "KLA10808 Multiple vulnerabilities in Apache Subversion", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2020-06-03T00:00:00", "id": "KLA10808", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10808/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-09-10T22:10:06", "description": "### *Detect date*:\n01/14/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn integer overflow was found in Apache Subversion. By exploiting this vulnerability malicious authenticated users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request.\n\n### *Affected products*:\nApache Subversion versions earlier than 1.8.15 \nApache Subversion 1.9 versions earlier than 1.9.3\n\n### *Solution*:\nUpdate to the latest version \n[Get Apache Subversion](<http://subversion.apache.org/packages.html>)\n\n### *Original advisories*:\n[Apache advisory](<http://subversion.apache.org/security/CVE-2015-5259-advisory.txt>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Apache Subversion](<https://threats.kaspersky.com/en/product/Apache-Subversion/>)\n\n### *CVE-IDS*:\n[CVE-2015-5343](<https://vulners.com/cve/CVE-2015-5343>)8.0Critical", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2016-01-14T00:00:00", "type": "kaspersky", "title": "KLA10792 Denial of service vulnerability in Apache Subversion", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5259", "CVE-2015-5343"], "modified": "2020-06-03T00:00:00", "id": "KLA10792", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10792/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "slackware": [{"lastseen": "2023-06-03T14:53:55", "description": "New subversion packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/subversion-1.7.22-i486-2_slack14.1.txz: Rebuilt.\n This update patches two security issues:\n CVE-2016-2167: svnserve/sasl may authenticate users using the wrong realm.\n CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn\n during COPY/MOVE authorization check.\n For more information, see:\n http://subversion.apache.org/security/CVE-2016-2167-advisory.txt\n http://subversion.apache.org/security/CVE-2016-2168-advisory.txt\n https://vulners.com/cve/CVE-2016-2167\n https://vulners.com/cve/CVE-2016-2168\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/subversion-1.7.22-i486-2_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/subversion-1.7.22-x86_64-2_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/subversion-1.7.22-i486-2_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/subversion-1.7.22-x86_64-2_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/subversion-1.9.4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/subversion-1.9.4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n5f59cf151153f86cd61f2c2219a81f80 subversion-1.7.22-i486-2_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n93712ed45e78c515c40162b85021278d subversion-1.7.22-x86_64-2_slack14.0.txz\n\nSlackware 14.1 package:\nb9e7c9e0cd91fc47e0e5e7ed858253b7 subversion-1.7.22-i486-2_slack14.1.txz\n\nSlackware x86_64 14.1 package:\naf62bdf7009eb35f99d44a9dfc2214cc subversion-1.7.22-x86_64-2_slack14.1.txz\n\nSlackware -current package:\n28b16d0ab7a43837bfce9f4c8d1b3d67 d/subversion-1.9.4-i586-1.txz\n\nSlackware x86_64 -current package:\n91c1f0d9733150b4ad7e51efd33c4634 d/subversion-1.9.4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg subversion-1.7.22-i486-2_slack14.1.txz", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-04-30T20:34:18", "type": "slackware", "title": "[slackware-security] subversion", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168"], "modified": "2016-04-30T20:34:18", "id": "SSA-2016-121-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.417496", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-09-09T12:39:45", "description": "New subversion packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/subversion-1.7.22-i486-1_slack14.1.txz: Upgraded.\n Subversion servers and clients are vulnerable to a remotely triggerable\n heap-based buffer overflow and out-of-bounds read that may allow remote\n attackers to cause a denial of service or possibly execute arbitrary code\n under the context of the targeted process.\n For more information, see:\n https://vulners.com/cve/CVE-2015-5343\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/subversion-1.7.22-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/subversion-1.7.22-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/subversion-1.7.22-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/subversion-1.7.22-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/subversion-1.9.3-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/subversion-1.9.3-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n53279c2f041b612a6ca4335251077429 subversion-1.7.22-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nec95cc6199fac28e97d4da10c81aaaa7 subversion-1.7.22-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n3c45b34f17e5023c7ba10b59b36a68c9 subversion-1.7.22-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n91a71f907100aa8d2e341bdc670b7b40 subversion-1.7.22-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n18ac4b37b203dc0a8bc1f6534c89d4e2 d/subversion-1.9.3-i586-1.txz\n\nSlackware x86_64 -current package:\n81ce97396cde969b5ffc2b6d1c8935e9 d/subversion-1.9.3-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg subversion-1.7.22-i486-1_slack14.1.txz", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2016-04-06T05:07:52", "type": "slackware", "title": "[slackware-security] subversion", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 8.5, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5343"], "modified": "2016-04-06T05:07:52", "id": "SSA-2016-097-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.405261", "cvss": {"score": 8.0, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:C"}}], "ubuntu": [{"lastseen": "2023-07-25T00:59:06", "description": "## Releases\n\n * Ubuntu 17.04 \n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * subversion \\- Advanced version control system\n\nJoern Schneeweisz discovered that Subversion did not properly handle \nhost names in 'svn+ssh://' URLs. A remote attacker could use this \nto construct a subversion repository that when accessed could run \narbitrary code with the privileges of the user. (CVE-2017-9800)\n\nDaniel Shahaf and James McCoy discovered that Subversion did not \nproperly verify realms when using Cyrus SASL authentication. A \nremote attacker could use this to possibly bypass intended access \nrestrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu \n16.04 LTS. (CVE-2016-2167)\n\nFlorian Weimer discovered that Subversion clients did not properly \nrestrict XML entity expansion when accessing http(s):// URLs. A remote \nattacker could use this to cause a denial of service. This issue only \naffected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-8734)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-11T00:00:00", "type": "ubuntu", "title": "Subversion vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-8734", "CVE-2017-9800"], "modified": "2017-08-11T00:00:00", "id": "USN-3388-1", "href": "https://ubuntu.com/security/notices/USN-3388-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T15:37:08", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * subversion \\- Advanced version control system\n\nUSN-3388-1 fixed several vulnerabilities in Subversion. This update \nprovides the corresponding update for Ubuntu 12.04 ESM.\n\nIvan Zhakov discovered that Subversion did not properly handle \nsome requests. A remote attacker could use this to cause a \ndenial of service. (CVE-2016-2168)\n\nOriginal advisory details:\n\nJoern Schneeweisz discovered that Subversion did not properly handle \nhost names in 'svn+ssh://' URLs. A remote attacker could use this \nto construct a subversion repository that when accessed could run \narbitrary code with the privileges of the user. (CVE-2017-9800)\n\nDaniel Shahaf and James McCoy discovered that Subversion did not \nproperly verify realms when using Cyrus SASL authentication. A \nremote attacker could use this to possibly bypass intended access \nrestrictions. (CVE-2016-2167)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-10-24T00:00:00", "type": "ubuntu", "title": "Subversion vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-2168", "CVE-2017-9800"], "modified": "2017-10-24T00:00:00", "id": "USN-3388-2", "href": "https://ubuntu.com/security/notices/USN-3388-2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-18T08:31:53", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * serf \\- high-performance asynchronous HTTP client library\n\nBen Reser discovered that serf did not correctly handle SSL certificates \nwith NUL bytes in the CommonName or SubjectAltNames fields. A remote \nattacker could exploit this to perform a machine-in-the-middle attack to view \nsensitive information or alter encrypted communications.\n", "cvss3": {}, "published": "2014-08-14T00:00:00", "type": "ubuntu", "title": "serf vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3504"], "modified": "2014-08-14T00:00:00", "id": "USN-2315-1", "href": "https://ubuntu.com/security/notices/USN-2315-1", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-07-16T17:44:44", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * subversion \\- Advanced version control system\n\nUSN-4082-1 fixed several vulnerabilities in Subversion. This update provides \nthe corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nAce Olszowka discovered that Subversion incorrectly handled certain \nsvnserve requests. A remote attacker could possibly use this issue to \ncause svnserver to crash, resulting in a denial of service. \n(CVE-2018-11782)\n\nTomas Bortoli discovered that Subversion incorrectly handled certain \nsvnserve requests. A remote attacker could possibly use this issue to \ncause svnserver to crash, resulting in a denial of service. (CVE-2019-0203)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-31T00:00:00", "type": "ubuntu", "title": "Subversion vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-07-31T00:00:00", "id": "USN-4082-2", "href": "https://ubuntu.com/security/notices/USN-4082-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-07-16T17:44:50", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * subversion \\- Advanced version control system\n\nAce Olszowka discovered that Subversion incorrectly handled certain \nsvnserve requests. A remote attacker could possibly use this issue to \ncause svnserver to crash, resulting in a denial of service. \n(CVE-2018-11782)\n\nTomas Bortoli discovered that Subversion incorrectly handled certain \nsvnserve requests. A remote attacker could possibly use this issue to \ncause svnserver to crash, resulting in a denial of service. (CVE-2019-0203)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-31T00:00:00", "type": "ubuntu", "title": "Subversion vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11782", "CVE-2019-0203"], "modified": "2019-07-31T00:00:00", "id": "USN-4082-1", "href": "https://ubuntu.com/security/notices/USN-4082-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-09-18T08:32:15", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * subversion \\- Advanced version control system\n\nLieven Govaerts discovered that the Subversion mod_dav_svn module \nincorrectly handled certain request methods when SVNListParentPath was \nenabled. A remote attacker could use this issue to cause the server to \ncrash, resulting in a denial of service. This issue only affected Ubuntu \n12.04 LTS. (CVE-2014-0032)\n\nBen Reser discovered that Subversion did not correctly validate SSL \ncertificates containing wildcards. A remote attacker could exploit this to \nperform a machine-in-the-middle attack to view sensitive information or alter \nencrypted communications. (CVE-2014-3522)\n\nBert Huijben discovered that Subversion did not properly handle cached \ncredentials. A malicious server could possibly use this issue to obtain \ncredentials cached for a different server. (CVE-2014-3528)\n", "cvss3": {}, "published": "2014-08-14T00:00:00", "type": "ubuntu", "title": "Subversion vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0032", "CVE-2014-3522", "CVE-2014-3528"], "modified": "2014-08-14T00:00:00", "id": "USN-2316-1", "href": "https://ubuntu.com/security/notices/USN-2316-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cloudfoundry": [{"lastseen": "2023-06-05T20:31:01", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nJoern Schneeweisz discovered that Subversion did not properly handle host names in \u2018svn+ssh://\u2019 URLs. A remote attacker could use this to construct a subversion repository that when accessed could run arbitrary code with the privileges of the user. ([CVE-2017-9800](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-9800>))\n\nDaniel Shahaf and James McCoy discovered that Subversion did not properly verify realms when using Cyrus SASL authentication. A remote attacker could use this to possibly bypass intended access restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. ([CVE-2016-2167](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2167>))\n\nFlorian Weimer discovered that Subversion clients did not properly restrict XML entity expansion when accessing http(s):// URLs. A remote attacker could use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. ([CVE-2016-8734](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-8734>))\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.147.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.147.0 or later.\n\n# References\n\n * [USN-3388-1](<http://www.ubuntu.com/usn/usn-3388-1/>)\n * [CVE-2017-9800](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-9800>)\n * [CVE-2016-2167](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2167>)\n * [CVE-2016-8734](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-8734>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-17T00:00:00", "type": "cloudfoundry", "title": "USN-3388-1: Subversion vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2167", "CVE-2016-8734", "CVE-2017-9800"], "modified": "2017-08-17T00:00:00", "id": "CFOUNDRY:D21D51A50EB896BB75DB194B9CF9D65F", "href": "https://www.cloudfoundry.org/blog/usn-3388-1/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2017-08-17T17:07:39", "description": "This update for subversion fixes the following issues:\n\n\n - CVE-2017-9800: A malicious, compromised server or MITM may cause svn\n client to execute arbitrary commands by sending repository content with\n svn:externals definitions pointing to crafted svn+ssh URLs. (bsc#1051362)\n\n - Malicious user may commit SHA-1 collisions and cause repository\n inconsistencies (bsc#1026936)\n\n - CVE-2016-8734: Unrestricted XML entity expansion in mod_dontdothat and\n Subversion clients using http(s):// could lead to denial of service\n (bsc#1011552)\n\n - CVE-2016-2167: svnserve/sasl may authenticate users using the wrong\n realm (bsc#976849)\n\n - CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn\n during COPY/MOVE authorization check (bsc#976850)\n\n - mod_authz_svn: fix authz with mod_auth_kerb/mod_auth_ntlm (bsc#977424)\n\n - make the subversion package conflict with KWallet and Gnome Keyring\n packages with do not require matching subversion versions in SLE 12 and\n openSUSE Leap 42.1 and thus break the main package upon partial upgrade.\n (bsc#969159)\n\n - CVE-2015-5343: Remotely triggerable heap overflow and out-of-bounds read\n in mod_dav_svn caused by integer overflow when parsing skel-encoded\n request bodies. (bsc#958300)\n\n - Avoid recommending 180+ new pkgs for installation on minimal setup due\n subversion-password-store (bsc#942819)\n\n - CVE-2015-3184: mod_authz_svn: mixed anonymous/authenticated httpd (dav)\n configurations could lead to information leak (bsc#939514)\n\n - CVE-2015-3187: do not leak paths that were hidden by path-based authz\n (bsc#939517)\n\n - CVE-2015-0202: Subversion HTTP servers with FSFS repositories were\n vulnerable to a remotely triggerable excessive memory use with certain\n REPORT requests. (bsc#923793)\n\n - CVE-2015-0248: Subversion mod_dav_svn and svnserve were vulnerable to a\n remotely triggerable assertion DoS vulnerability for certain requests\n with dynamically evaluated revision numbers. (bsc#923794)\n\n - CVE-2015-0251: Subversion HTTP servers allow spoofing svn:author\n property values for new revisions (bsc#923795)\n\n - fix sample configuration comments in subversion.conf (bsc#916286)\n\n - fix sysconfig file generation (bsc#911620)\n\n - CVE-2014-3580: mod_dav_svn invalid REPORT requests could lead to denial\n of service (bsc#909935)\n\n - CVE-2014-8108: mod_dav_svn use of invalid transaction names could lead\n to denial of service (bsc#909935)\n\n - INSTALL#SQLite says 'Subversion 1.8 requires SQLite version 3.7.12 or\n above'; therefore I lowered the sqlite requirement to make the\n subversion run on\n older system versions, tooi. [bsc#897033]\n\n", "cvss3": {}, "published": "2017-08-17T12:10:12", "type": "suse", "title": "Security update for subversion (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2168", "CVE-2015-0248", "CVE-2015-3187", "CVE-2015-0251", "CVE-2015-0202", "CVE-2016-2167", "CVE-2015-5343", "CVE-2016-8734", "CVE-2017-9800", "CVE-2015-3184", "CVE-2014-3580", "CVE-2014-8108"], "modified": "2017-08-17T12:10:12", "id": "SUSE-SU-2017:2200-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-08/msg00055.html", "cvss": {"score": 8.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2017-08-14T21:07:34", "description": "This update for subversion fixes the following issue:\n\n - CVE-2016-8734: Unrestricted XML entity expansion in mod_dontdothat and\n Subversion clients using http(s):// (bsc#1011552).\n\n - CVE-2017-9800: client code execution via argument injection in SSH URL\n (bnc#1051362)\n\n", "cvss3": {}, "published": "2017-08-14T18:08:39", "type": "suse", "title": "Security update for subversion (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-8734", "CVE-2017-9800"], "modified": "2017-08-14T18:08:39", "id": "SUSE-SU-2017:2163-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-08/msg00045.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-04-18T12:41:49", "description": "An update that fixes two vulnerabilities is now available.\n\nDescription:\n\n This update for subversion to version 1.10.6 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-11782: Fixed a remote denial of service in svnserve\n 'get-deleted-rev' (bsc#1142743).\n - CVE-2019-0203: Fixed a remote, unauthenticated denial of service in\n svnserve (bsc#1142721).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1910=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1910=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-15T00:00:00", "type": "suse", "title
Advisory ROSA-SA-2021-1979
