Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.831366
Categoría:Mandrake Local Security Checks
Título:Mandriva Update for subversion MDVSA-2011:067 (subversion)
Resumen:The remote host is missing an update for the 'subversion'; package(s) announced via the referenced advisory.
Descripción:Summary:
The remote host is missing an update for the 'subversion'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability was discovered and corrected in subversion:

The mod_dav_svn module for the Apache HTTP Server, as distributed in
Apache Subversion before 1.6.16, allows remote attackers to cause a
denial of service (NULL pointer dereference and daemon crash) via a
request that contains a lock token (CVE-2011-0715).

Additionally for Corporate Server 4 and Enterprise Server 5 subversion
have been upgraded to the 1.6.16 version due to of numerous upstream
fixes and new features, the serf packages has also been upgraded to
the now required 0.3.0 version.

Packages for 2009.0 are provided as of the Extended Maintenance
Program. The updated packages have been upgraded to the 1.6.16 version which
is not vulnerable to this issue.

Affected Software/OS:
subversion on Mandriva Linux 2009.0,
Mandriva Linux 2009.0/X86_64,
Mandriva Linux 2010.0,
Mandriva Linux 2010.0/X86_64,
Mandriva Linux 2010.1,
Mandriva Linux 2010.1/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64

Solution:
Please Install the Updated Packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0715
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
BugTraq ID: 46734
http://www.securityfocus.com/bid/46734
Debian Security Information: DSA-2181 (Google Search)
http://www.debian.org/security/2011/dsa-2181
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:067
http://svn.haxx.se/dev/archive-2011-03/0122.shtml
http://www.osvdb.org/70964
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967
RedHat Security Advisories: RHSA-2011:0327
https://rhn.redhat.com/errata/RHSA-2011-0327.html
RedHat Security Advisories: RHSA-2011:0328
https://rhn.redhat.com/errata/RHSA-2011-0328.html
http://securitytracker.com/id?1025161
http://secunia.com/advisories/43583
http://secunia.com/advisories/43603
http://secunia.com/advisories/43672
http://secunia.com/advisories/43794
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.479953
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://www.ubuntu.com/usn/USN-1096-1
http://www.vupen.com/english/advisories/2011/0567
http://www.vupen.com/english/advisories/2011/0568
http://www.vupen.com/english/advisories/2011/0624
http://www.vupen.com/english/advisories/2011/0660
http://www.vupen.com/english/advisories/2011/0684
http://www.vupen.com/english/advisories/2011/0776
http://www.vupen.com/english/advisories/2011/0885
XForce ISS Database: subversion-moddavsvn-dos(65876)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65876
CopyrightCopyright (c) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.