Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69791
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:0861
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0861.

Subversion (SVN) is a concurrent version control system which enables one
or more users to collaborate in developing and maintaining a hierarchy of
files and directories while keeping a history of all changes. The
mod_dav_svn module is used with the Apache HTTP Server to allow access to
Subversion repositories via HTTP.

A NULL pointer dereference flaw was found in the way the mod_dav_svn module
processed requests submitted against the URL of a baselined resource. A
malicious, remote user could use this flaw to cause the httpd process
serving the request to crash. (CVE-2011-1752)

Red Hat would like to thank the Apache Subversion project for reporting
this issue. Upstream acknowledges Joe Schaefer of the Apache Software
Foundation as the original reporter.

All Subversion users should upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, you must restart the httpd daemon, if you are using
mod_dav_svn, for the update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0861.html
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1752
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
BugTraq ID: 48091
http://www.securityfocus.com/bid/48091
Debian Security Information: DSA-2251 (Google Search)
http://www.debian.org/security/2011/dsa-2251
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:106
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922
http://www.redhat.com/support/errata/RHSA-2011-0861.html
http://www.redhat.com/support/errata/RHSA-2011-0862.html
http://www.securitytracker.com/id?1025617
http://secunia.com/advisories/44633
http://secunia.com/advisories/44681
http://secunia.com/advisories/44849
http://secunia.com/advisories/44879
http://secunia.com/advisories/44888
http://secunia.com/advisories/45162
http://www.ubuntu.com/usn/USN-1144-1
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.