Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200405-14 (subversion)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54574

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200405-14 (subversion)

Resumen: The remote host is missing updates announced in;advisory GLSA 200405-14.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200405-14.

Vulnerability Insight:
There is a vulnerability in the Subversion date parsing code which may lead
to denial of service attacks, or execution of arbitrary code. Both the
client and server are vulnerable.

Solution:
All Subversion users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=dev-util/subversion-1.0.3'
# emerge '>=dev-util/subversion-1.0.3'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0397
BugTraq ID: 10386
http://www.securityfocus.com/bid/10386
Bugtraq: 20040519 Advisory 08/2004: Subversion remote vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108498676517697&w=2
Bugtraq: 20040519 [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion) (Google Search)
http://www.securityfocus.com/archive/1/363814
http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html
https://bugzilla.fedora.us/show_bug.cgi?id=1748
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html
http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml
http://security.e-matters.de/advisories/082004.html
http://www.osvdb.org/6301
http://secunia.com/advisories/11642
http://secunia.com/advisories/11675
XForce ISS Database: subversion-date-parsing-command-execution(16191)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16191

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54574
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200405-14 (subversion)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200405-14.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200405-14. Vulnerability Insight: There is a vulnerability in the Subversion date parsing code which may lead to denial of service attacks, or execution of arbitrary code. Both the client and server are vulnerable. Solution: All Subversion users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=dev-util/subversion-1.0.3' # emerge '>=dev-util/subversion-1.0.3' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0397 BugTraq ID: 10386 http://www.securityfocus.com/bid/10386 Bugtraq: 20040519 Advisory 08/2004: Subversion remote vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108498676517697&w=2 Bugtraq: 20040519 [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion) (Google Search) http://www.securityfocus.com/archive/1/363814 http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html https://bugzilla.fedora.us/show_bug.cgi?id=1748 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml http://security.e-matters.de/advisories/082004.html http://www.osvdb.org/6301 http://secunia.com/advisories/11642 http://secunia.com/advisories/11675 XForce ISS Database: subversion-date-parsing-command-execution(16191) https://exchange.xforce.ibmcloud.com/vulnerabilities/16191
Copyright	Copyright (C) 2008 E-Soft Inc.