Test Kennung:	1.3.6.1.4.1.25623.1.0.68819
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: subversion
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: subversion subversion-freebsd CVE-2010-4539 The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections. CVE-2010-4644 Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4539 1024934 http://www.securitytracker.com/id?1024934 42780 http://secunia.com/advisories/42780 42969 http://secunia.com/advisories/42969 43115 http://secunia.com/advisories/43115 43139 http://secunia.com/advisories/43139 43346 http://secunia.com/advisories/43346 45655 http://www.securityfocus.com/bid/45655 ADV-2011-0015 http://www.vupen.com/english/advisories/2011/0015 ADV-2011-0103 http://www.vupen.com/english/advisories/2011/0103 ADV-2011-0162 http://www.vupen.com/english/advisories/2011/0162 ADV-2011-0264 http://www.vupen.com/english/advisories/2011/0264 FEDORA-2011-0099 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html MDVSA-2011:006 http://www.mandriva.com/security/advisories?name=MDVSA-2011:006 RHSA-2011:0257 http://www.redhat.com/support/errata/RHSA-2011-0257.html RHSA-2011:0258 http://www.redhat.com/support/errata/RHSA-2011-0258.html SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html USN-1053-1 http://www.ubuntu.com/usn/USN-1053-1 [oss-security] 20110102 CVE request for subversion http://openwall.com/lists/oss-security/2011/01/02/1 [oss-security] 20110103 Re: CVE request for subversion http://openwall.com/lists/oss-security/2011/01/03/9 [oss-security] 20110104 Re: CVE request for subversion http://openwall.com/lists/oss-security/2011/01/04/10 http://openwall.com/lists/oss-security/2011/01/04/8 [oss-security] 20110105 Re: CVE request for subversion http://openwall.com/lists/oss-security/2011/01/05/4 [subversion-users] 20101104 apache coredump in mod_dav_svn http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E [www-announce] 20101124 Apache Subversion 1.6.15 Released http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES http://svn.apache.org/viewvc?view=revision&revision=1033166 https://bugzilla.redhat.com/show_bug.cgi?id=667407 subversion-walk-dos(64472) https://exchange.xforce.ibmcloud.com/vulnerabilities/64472 Common Vulnerability Exposure (CVE) ID: CVE-2010-4644 1024935 http://www.securitytracker.com/id?1024935 [dev] 20101104 "svn blame -g" causing svnserve to hang & mem usage to hit 2GB http://svn.haxx.se/dev/archive-2010-11/0102.shtml [subversion-users] 20101104 svnserve.exe (Win32) using 2GB of memory and then crashing? http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C4CD33B61.7030203%40thepond.com%3E http://svn.apache.org/viewvc?view=revision&revision=1032808 subversion-blameg-dos(64473) https://exchange.xforce.ibmcloud.com/vulnerabilities/64473
Copyright	Copyright (C) 2011 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.