oval:org.mitre.oval:def:11774

Definition Id: oval:org.mitre.oval:def:11774

Oval ID:	oval:org.mitre.oval:def:11774
Title:	DSA-2118-1 subversion -- logic flaw
Description:	Kamesh Jayachandran and C. Michael Pilat discovered that the mod_dav_svn module of subversion, a version control system, is not properly enforcing access rules which are scope-limited to named repositories. If the SVNPathAuthz option is set to "short_circuit" set this may enable an unprivileged attacker to bypass intended access restrictions and disclose or modify repository content. As a workaround it is also possible to set SVNPathAuthz to "on" but be advised that this can result in a performance decrease for large repositories. For the stable distribution, this problem has been fixed in version 1.5.1dfsg1-5. For the testing distribution, this problem has been fixed in version 1.6.12dfsg-2. For the unstable distribution, this problem has been fixed in version 1.6.12dfsg-2. We recommend that you upgrade your samba packages.
Family:	unix	Class:	patch
Reference(s):	DSA-2118-1 CVE-2010-3315	Version:	5
Platform(s):	Debian GNU/Linux 5.0	Product(s):	subversion
Definition Synopsis:
Debian GNU/Linux 5.0 is installed Architecture section Architecture independet section Installed architecture is all AND Packages section subversion-tools DPKG is earlier than 1.5.1dfsg1-5 AND libsvn-doc DPKG is earlier than 1.5.1dfsg1-5 AND libsvn-ruby DPKG is earlier than 1.5.1dfsg1-5 AND libsvn-dev DPKG is earlier than 1.5.1dfsg1-5 AND libapache2-svn DPKG is earlier than 1.5.1dfsg1-5 AND libsvn-ruby1.8 DPKG is earlier than 1.5.1dfsg1-5 AND python-subversion DPKG is earlier than 1.5.1dfsg1-5 AND libsvn1 DPKG is earlier than 1.5.1dfsg1-5 AND subversion DPKG is earlier than 1.5.1dfsg1-5 AND libsvn-perl DPKG is earlier than 1.5.1dfsg1-5 OR Architecture depended section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is armel AND Installed architecture is ia64 AND libsvn-java DPKG is earlier than 1.5.1dfsg1-5

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:11774

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0389s

Facebook rss twitter linkedin mail