Executive Summary
Summary | |
---|---|
Title | Subversion vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1053-1 | First vendor Publication | 2011-02-01 |
Vendor | Ubuntu | Last vendor Modification | 2011-02-01 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 8.04 LTS: Ubuntu 9.10: Ubuntu 10.04 LTS: Ubuntu 10.10: After a standard system update you need to restart any applications that use Subversion, such as Apache when using mod_dav_svn, to make all the necessary changes. Details follow: It was discovered that Subversion incorrectly handled certain 'partial access' privileges in rare scenarios. Remote authenticated users could use this flaw to obtain sensitive information (revision properties). This issue only applied to Ubuntu 6.06 LTS. (CVE-2007-2448) It was discovered that the Subversion mod_dav_svn module for Apache did not properly handle a named repository as a rule scope. Remote authenticated users could use this flaw to bypass intended restrictions. This issue only applied to Ubuntu 9.10, 10.04 LTS, and 10.10. (CVE-2010-3315) It was discovered that the Subversion mod_dav_svn module for Apache incorrectly handled the walk function. Remote authenticated users could use this flaw to cause the service to crash, leading to a denial of service. (CVE-2010-4539) It was discovered that Subversion incorrectly handled certain memory operations. Remote authenticated users could use this flaw to consume large quantities of memory and cause the service to crash, leading to a denial of service. This issue only applied to Ubuntu 9.10, 10.04 LTS, and 10.10. (CVE-2010-4644) |
Original Source
Url : http://www.ubuntu.com/usn/USN-1053-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-399 | Resource Management Errors |
33 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11774 | |||
Oval ID: | oval:org.mitre.oval:def:11774 | ||
Title: | DSA-2118-1 subversion -- logic flaw | ||
Description: | Kamesh Jayachandran and C. Michael Pilat discovered that the mod_dav_svn module of subversion, a version control system, is not properly enforcing access rules which are scope-limited to named repositories. If the SVNPathAuthz option is set to "short_circuit" set this may enable an unprivileged attacker to bypass intended access restrictions and disclose or modify repository content. As a workaround it is also possible to set SVNPathAuthz to "on" but be advised that this can result in a performance decrease for large repositories. For the stable distribution, this problem has been fixed in version 1.5.1dfsg1-5. For the testing distribution, this problem has been fixed in version 1.6.12dfsg-2. For the unstable distribution, this problem has been fixed in version 1.6.12dfsg-2. We recommend that you upgrade your samba packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2118-1 CVE-2010-3315 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | subversion |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19007 | |||
Oval ID: | oval:org.mitre.oval:def:19007 | ||
Title: | Apache Subversion vulnerability 1.5.x before 1.5.8 and 1.6.x before 1.6.13 in VisualSVN Server (CVE-2010-3315) | ||
Description: | authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3315 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21915 | |||
Oval ID: | oval:org.mitre.oval:def:21915 | ||
Title: | RHSA-2011:0257: subversion security update (Moderate) | ||
Description: | Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0257-01 CESA-2011:0257 CVE-2010-4539 CVE-2010-4644 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | subversion |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23029 | |||
Oval ID: | oval:org.mitre.oval:def:23029 | ||
Title: | ELSA-2011:0257: subversion security update (Moderate) | ||
Description: | Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0257-01 CVE-2010-4539 CVE-2010-4644 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | subversion |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27213 | |||
Oval ID: | oval:org.mitre.oval:def:27213 | ||
Title: | DEPRECATED: ELSA-2011-0257 -- subversion security update (moderate) | ||
Description: | [1.6.11-7.1] - add security fixes for CVE-2010-4644, CVE-2010-4539 (#672676) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0257 CVE-2010-4539 CVE-2010-4644 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | subversion |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for mod_dav_svn CESA-2011:0257 centos5 x86_64 File : nvt/gb_CESA-2011_0257_mod_dav_svn_centos5_x86_64.nasl |
2012-06-05 | Name : RedHat Update for subversion RHSA-2011:0258-01 File : nvt/gb_RHSA-2011_0258-01_subversion.nasl |
2011-08-26 | Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) File : nvt/secpod_macosx_su11-001.nasl |
2011-08-09 | Name : CentOS Update for mod_dav_svn CESA-2011:0257 centos5 i386 File : nvt/gb_CESA-2011_0257_mod_dav_svn_centos5_i386.nasl |
2011-02-18 | Name : RedHat Update for subversion RHSA-2011:0257-01 File : nvt/gb_RHSA-2011_0257-01_subversion.nasl |
2011-02-04 | Name : Ubuntu Update for subversion vulnerabilities USN-1053-1 File : nvt/gb_ubuntu_USN_1053_1.nasl |
2011-01-24 | Name : FreeBSD Ports: subversion File : nvt/freebsd_subversion2.nasl |
2011-01-21 | Name : Fedora Update for subversion FEDORA-2011-0099 File : nvt/gb_fedora_2011_0099_subversion_fc14.nasl |
2011-01-21 | Name : Mandriva Update for subversion MDVSA-2011:006 (subversion) File : nvt/gb_mandriva_MDVSA_2011_006.nasl |
2010-12-02 | Name : Fedora Update for subversion FEDORA-2010-16148 File : nvt/gb_fedora_2010_16148_subversion_fc14.nasl |
2010-11-17 | Name : Debian Security Advisory DSA 2118-1 (subversion) File : nvt/deb_2118_1.nasl |
2010-11-04 | Name : Fedora Update for subversion FEDORA-2010-16115 File : nvt/gb_fedora_2010_16115_subversion_fc12.nasl |
2010-11-04 | Name : Fedora Update for subversion FEDORA-2010-16136 File : nvt/gb_fedora_2010_16136_subversion_fc13.nasl |
2010-10-19 | Name : Mandriva Update for subversion MDVSA-2010:199 (subversion) File : nvt/gb_mandriva_MDVSA_2010_199.nasl |
2009-02-27 | Name : Fedora Update for subversion FEDORA-2007-2635 File : nvt/gb_fedora_2007_2635_subversion_fc7.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70333 | Apache Subversion rev_hunt.c blame Command Multiple Memory Leak Remote DoS Apache Subversion contains a flaw that may allow a remote denial of service. The issue is triggered when multiple memory leaks in 'rev_hunt.c' occur, allowing a remote authenticated attacker to cause a denial of service by memory consumption via the -g option to the blame command. |
70332 | Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNPare... Apache Subversion contains a flaw that may allow a remote denial of service. The issue is triggered when the 'walk' function in 'repos.c' in the 'mod_dav_svn' module allows a remote, authenticated attacker to cause a NULL pointer dereference denial of service via vectors that trigger the walking of SVNParentPath collections. |
68328 | Subversion mod_dav_svn Module authz.c svn Command Access Restriction Bypass Subversion contains a flaw related to 'authz.c' in the 'mod_dav_svn' module. The issue is triggered when SVNPathAuthz short_circuit is enabled and fails to properly handle a named repository as a rule scope. This may allow a remote authenticated attacker to use svn commands to bypass intended access restrictions and gain access to a restricted part of the repository. |
36070 | Subversion (SVN) partial access Privilege Remote Information Disclosure Subversion (SVN) contains a flaw that may allow a remote attacker to gain access to sensitive information. The issue is due to the "partial access" privilege not being implemented correctly. This allows remote authenticated users to obtain sensitive information such as revision properties via the "svn propget", "svn proplist" and "svn propedit" commands. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libsvn_auth_gnome_keyring-1-0-110119.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libsvn_auth_gnome_keyring-1-0-101029.nasl - Type : ACT_GATHER_INFO |
2013-09-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-11.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0257.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0258.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110215_subversion_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110215_subversion_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libsvn_auth_gnome_keyring-1-0-110119.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libsvn_auth_gnome_keyring-1-0-101029.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libsvn_auth_gnome_keyring-1-0-101028.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0257.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cvs2svn-7319.nasl - Type : ACT_GATHER_INFO |
2011-02-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0257.nasl - Type : ACT_GATHER_INFO |
2011-02-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0258.nasl - Type : ACT_GATHER_INFO |
2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1053-1.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-006.nasl - Type : ACT_GATHER_INFO |
2011-01-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0099.nasl - Type : ACT_GATHER_INFO |
2011-01-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_716120991e9311e0a587001b77d09812.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16115.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16136.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16148.nasl - Type : ACT_GATHER_INFO |
2010-10-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-199.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2118.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2635.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:15 |
|