[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:1164
Apache Subversion is installed (x86)

oval:org.secpod.oval:def:20663
The host is installed with Apache Subversion 1.8.0 before 1.8.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack. Successful exploitation could allow local users to gain privileges via a symlink attack on the ...

oval:org.secpod.oval:def:20664
The host is installed with Subversion 1.8.0 before 1.8.3 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack on the pid file. Successful exploitation could allow local users to gain privileges.

oval:org.secpod.oval:def:20722
The host is installed with Subversion 1.0.0 before 1.5.7 or 1.6.x before 1.6.4 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle an svndiff stream with large windows. Successful exploitation could allow attackers to execute arbitr ...

oval:org.secpod.oval:def:20708
The host is installed with Apache Subversion 1.8.0 before 1.8.2 and is prone to a FSFS repository corruption vulnerability. A flaw is present in the application, which fails to proper edit revision properties. Successful exploitation could allow wrong file to get deleted.

oval:org.secpod.oval:def:22276
The host is installed with Apache Subversion 1.7.x before 1.7.19 or 1.8.x before 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a request for a URI that triggers a lookup for a virtual transaction name that does not exis ...

oval:org.secpod.oval:def:24061
The host is installed with Apache Subversion 1.5.0 through 1.7.19 or 1.8.0 through 1.8.11 and is prone to svn:author property spoofing vulnerability. A flaw is present in the application, which fails to handle crafted v1 HTTP protocol request sequences. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:24062
The host is installed with Apache Subversion 1.8.0 through 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a large number of REPORT requests. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:24063
The host is installed with Apache Subversion 1.6.0 through 1.7.19 or 1.8.0 through 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted parameter combinations related to dynamically evaluated revision numbers. Successful exploi ...

oval:org.secpod.oval:def:34614
The host is installed with Apache Subversion 1.7.x, 1.8.x before 1.8.15 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow. Successful exploita ...

oval:org.secpod.oval:def:33818
The host is installed with Apache Subversion 1.9.x before 1.9.3 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a svn:// protocol string which triggers a heap-based buffer overflow and an out-of-bounds read. Successful exploitation could ...

oval:org.secpod.oval:def:15918
The host is installed with Apache Subversion 1.4.0 through 1.7.12 or 1.8.0 through 1.8.1 and is prone to local privilege escalation vulnerability. The flaw is present in Svnserve in Apache Subversion, which fails to properly handle a symlink attack on the file specified by the --pid-file option. Suc ...

oval:org.secpod.oval:def:16222
The host is installed with Apache Subversion 1.4.0 through 1.7.13 or 1.8.0 through 1.8.4 and is prone to security bypass vulnerability. The flaw is present in is_this_legal function in mod_dontdothat in Apache Subversion, which fails to properly handle a relative URL in a REPORT request. Successful ...

oval:org.secpod.oval:def:26233
The host is installed with Apache Subversion before 1.7.21 or 1.8.x before 1.8.14 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle the history of a node that has been moved from a hidden path. Successful exploitation could allow att ...

oval:org.secpod.oval:def:1166
The host is installed with Apache Subversion and is prone to memory corruption vulnerability. A flaw is present in the application which is caused due to infinite loop error when the SVNPathAuthz short_circuit option is enabled. Successful exploitation allows remote attacker to cause denial of servi ...

oval:org.secpod.oval:def:1165
The host is installed with Apache Subversion and is prone to denial of service vulnerability. A flaw is present in the application which is caused by a NULL pointer dereference in the mod_dav_svn.so module when processing baselined WebDAV resources. Successful exploitation allows remote attacker to ...

oval:org.secpod.oval:def:1167
The host is installed with Apache Subversion and is prone to information disclosure Vulnerability. A flaw is present in the application which fails to properly enforce permissions for files, when the SVNPathAuthz short_circuit option is disabled. Successful exploitation allows remote attacker to obt ...

oval:org.secpod.oval:def:20719
The host is installed with Subversion before 1.5.0 before 1.5.8 or 1.6.0 before 1.6.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a via the -g Option to the Blame Command. Successful exploitation could allow attackers to crash the s ...

oval:org.secpod.oval:def:20721
The host is installed with Subversion 1.0.0 before 1.5.9 or 1.6.0 before 1.6.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a named repository as a rule scope. Successful exploitation could allow attackers to bypass intended access r ...

oval:org.secpod.oval:def:22277
The host is installed with Apache Subversion 1.7.x before 1.7.19 or 1.8.x before 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a REPORT request for a resource that does not exist. Successful exploitation could allow rem ...

oval:org.secpod.oval:def:20718
The host is installed with Subversion 1.2.0 before 1.6.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a request that contains a lock token. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:34612
The host is installed with Apache Subversion 1.0.x before 1.8.15 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to handle a crafted header in a MOVE or COPY request. Successful exploitation could allow remote attackers to cause a denial of ...

oval:org.secpod.oval:def:20713
The host is installed with Subversion 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a log REPORT request with an invalid limit. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:20714
The host is installed with Subversion 1.6.x through 1.6.20 or 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a PROPFIND request for an activity URL. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:20711
The host is installed with Subversion before 1.6.23 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which improperly treats aborted connections as critical errors. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:20712
The host is installed with Subversion before 1.6.23 or 1.7.0 before 1.7.10 and is prone to a fsfs repository corruption vulnerability. A flaw is present in the application, which fails to properly handle a newline character in a file name. Successful exploitation could allow attackers to crash the s ...

oval:org.secpod.oval:def:20710
The host is installed with Subversion before 1.6.23 or 1.7.0 before 1.7.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly treats aborted connections as critical errors. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:17040
The host is installed with Apache Subversion before 1.7.15 or 1.8.x before 1.8.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to the server root and request methods other than GET. Successful exploitation could allow a ...

oval:org.secpod.oval:def:20717
The host is installed with Subversion 1.0.0 through 1.6.20 or 1.7.0 through 1.7.8 and is prone to memory consumption vulnerability. A flaw is present in the application, which fails to handle (1) setting or (2) deleting a large number of properties for a file or directory. Successful exploitation co ...

oval:org.secpod.oval:def:20715
The host is installed with Subversion 1.6.x through 1.6.20 or 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an anonymous LOCK for a URL that does not exist. Successful exploitation could allow attackers to crash the ...

oval:org.secpod.oval:def:20913
The host is installed with Apache Subversion 1.4.0 through 1.7.x before 1.7.18 or 1.8.x before 1.8.10 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certific ...

oval:org.secpod.oval:def:20716
The host is installed with Subversion 1.0.0 through 1.6.20 or 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an anonymous LOCK for a URL that does not exist. Successful exploitation could allow attackers to crash the ...

oval:org.secpod.oval:def:20914
The host is installed with Apache Subversion 1.0.0 through 1.7.x before 1.7.18 or 1.8.x before 1.8.10 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted authentication realm. Successful exploitation could allow remote serv ...

oval:org.secpod.oval:def:20720
The host is installed with Subversion before 1.5.0 before 1.5.8 or 1.6.0 before 1.6.15 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a named repository as a rule scope. Successful exploitation could allow attackers to bypass intended acc ...

oval:org.secpod.oval:def:20709
The host is installed with Subversion 1.7.0 through 1.7.10 or 1.8.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root. Successful exploitation could allow remote u ...

oval:org.secpod.oval:def:34613
The host is installed with Apache Subversion 1.5.x before 1.8.15 and is prone to an intended access restriction bypass vulnerability. A flaw is present in the application, which fails to handle a realm string that is a prefix of an expected repository realm string. Successful exploitation could allo ...

oval:org.secpod.oval:def:58785
The host is installed with Apache Subversion 1.9.x through 1.9.10, 1.10.x through 1.10.4 or 1.12.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a well-formed read-only request. Successful exploitation could allow remote attackers to c ...

oval:org.secpod.oval:def:58784
The host is installed with Apache Subversion 1.9.x through 1.9.10, 1.10.x through 1.10.4 or 1.12.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle certain sequences of protocol commands. Successful exploitation could allow remote attacke ...

oval:org.secpod.oval:def:16223
The host is installed with Apache Subversion 1.7.11 through 1.7.12 or 1.8.0 through 1.8.4 and is prone to denial of service vulnerability. The flaw is present in get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Apache Subversion, which fails to properly handle a n ...

oval:org.secpod.oval:def:26234
The host is installed with Apache Subversion before 1.7.21, 1.8.x before 1.8.14 or Apache HTTP Server 2.4.x through 2.4.12 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly restrict anonymous access. Successful exploitation could a ...

*CPE
cpe:/a:apache:subversion:::x86

© SecPod Technologies