Test ID:	1.3.6.1.4.1.25623.1.0.69958
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2251-1)
Summary:	The remote host is missing an update for the Debian 'subversion' package(s) announced via the DSA-2251-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'subversion' package(s) announced via the DSA-2251-1 advisory. Vulnerability Insight: Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1752 The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. CVE-2011-1783 The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. CVE-2011-1921 The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users. For the oldstable distribution (lenny), this problem has been fixed in version 1.5.1dfsg1-7. For the stable distribution (squeeze), this problem has been fixed in version 1.6.12dfsg-6. For the unstable distribution (sid), this problem has been fixed in version 1.6.17dfsg-1. We recommend that you upgrade your subversion packages. Affected Software/OS: 'subversion' package(s) on Debian 5, Debian 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1752 1025617 http://www.securitytracker.com/id?1025617 44633 http://secunia.com/advisories/44633 44681 http://secunia.com/advisories/44681 44849 http://secunia.com/advisories/44849 44879 http://secunia.com/advisories/44879 44888 http://secunia.com/advisories/44888 45162 http://secunia.com/advisories/45162 48091 http://www.securityfocus.com/bid/48091 APPLE-SA-2012-02-01-1 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html DSA-2251 http://www.debian.org/security/2011/dsa-2251 FEDORA-2011-8341 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html FEDORA-2011-8352 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html MDVSA-2011:106 http://www.mandriva.com/security/advisories?name=MDVSA-2011:106 RHSA-2011:0861 http://www.redhat.com/support/errata/RHSA-2011-0861.html RHSA-2011:0862 http://www.redhat.com/support/errata/RHSA-2011-0862.html USN-1144-1 http://www.ubuntu.com/usn/USN-1144-1 http://subversion.apache.org/security/CVE-2011-1752-advisory.txt http://support.apple.com/kb/HT5130 http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES https://bugzilla.redhat.com/show_bug.cgi?id=709111 oval:org.mitre.oval:def:18922 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922 Common Vulnerability Exposure (CVE) ID: CVE-2011-1783 1025618 http://www.securitytracker.com/id?1025618 http://subversion.apache.org/security/CVE-2011-1783-advisory.txt https://bugzilla.redhat.com/show_bug.cgi?id=709112 oval:org.mitre.oval:def:18889 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18889 Common Vulnerability Exposure (CVE) ID: CVE-2011-1921 1025619 http://www.securitytracker.com/id?1025619 http://subversion.apache.org/security/CVE-2011-1921-advisory.txt https://bugzilla.redhat.com/show_bug.cgi?id=709114 oval:org.mitre.oval:def:18999 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18999 subversion-control-rules-info-disc(67804) https://exchange.xforce.ibmcloud.com/vulnerabilities/67804
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.