Download
| Alert*
oval:org.secpod.oval:def:201535
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:201559 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:22276 The host is installed with Apache Subversion 1.7.x before 1.7.19 or 1.8.x before 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a request for a URI that triggers a lookup for a virtual transaction name that does not exis ... oval:org.secpod.oval:def:24061 The host is installed with Apache Subversion 1.5.0 through 1.7.19 or 1.8.0 through 1.8.11 and is prone to svn:author property spoofing vulnerability. A flaw is present in the application, which fails to handle crafted v1 HTTP protocol request sequences. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:501653 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:52558 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:1500911 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:15918 The host is installed with Apache Subversion 1.4.0 through 1.7.12 or 1.8.0 through 1.8.1 and is prone to local privilege escalation vulnerability. The flaw is present in Svnserve in Apache Subversion, which fails to properly handle a symlink attack on the file specified by the --pid-file option. Suc ... oval:org.secpod.oval:def:203728 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1600198 The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. oval:org.secpod.oval:def:16222 The host is installed with Apache Subversion 1.4.0 through 1.7.13 or 1.8.0 through 1.8.4 and is prone to security bypass vulnerability. The flaw is present in is_this_legal function in mod_dontdothat in Apache Subversion, which fails to properly handle a relative URL in a REPORT request. Successful ... oval:org.secpod.oval:def:203558 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:600539 Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1752 The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. CVE- ... oval:org.secpod.oval:def:702721 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:600202 Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access. oval:org.secpod.oval:def:26232 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:105940 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:1500910 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:26231 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:26792 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposit ... oval:org.secpod.oval:def:201566 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1166 The host is installed with Apache Subversion and is prone to memory corruption vulnerability. A flaw is present in the application which is caused due to infinite loop error when the SVNPathAuthz short_circuit option is enabled. Successful exploitation allows remote attacker to cause denial of servi ... oval:org.secpod.oval:def:1165 The host is installed with Apache Subversion and is prone to denial of service vulnerability. A flaw is present in the application which is caused by a NULL pointer dereference in the mod_dav_svn.so module when processing baselined WebDAV resources. Successful exploitation allows remote attacker to ... oval:org.secpod.oval:def:1167 The host is installed with Apache Subversion and is prone to information disclosure Vulnerability. A flaw is present in the application which fails to properly enforce permissions for files, when the SVNPathAuthz short_circuit option is disabled. Successful exploitation allows remote attacker to obt ... oval:org.secpod.oval:def:20719 The host is installed with Subversion before 1.5.0 before 1.5.8 or 1.6.0 before 1.6.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a via the -g Option to the Blame Command. Successful exploitation could allow attackers to crash the s ... oval:org.secpod.oval:def:500281 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:201491 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. A server-side memory leak was found in the Subversion server. If a malicious, remote user perfo ... oval:org.secpod.oval:def:500052 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. A server-side memory leak was found in the Subversion server. If a malicious, remote user perfo ... oval:org.secpod.oval:def:201440 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. A server-side memory leak was found in the Subversion server. If a malicious, remote user perfo ... oval:org.secpod.oval:def:20721 The host is installed with Subversion 1.0.0 before 1.5.9 or 1.6.0 before 1.6.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a named repository as a rule scope. Successful exploitation could allow attackers to bypass intended access r ... oval:org.secpod.oval:def:108279 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:501499 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:203559 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:108277 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:1501151 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposit ... oval:org.secpod.oval:def:203700 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:501500 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:501628 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1200111 A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled certain requests for URIs that trigger a lookup of a virtual transaction name. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash. ... oval:org.secpod.oval:def:22277 The host is installed with Apache Subversion 1.7.x before 1.7.19 or 1.8.x before 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a REPORT request for a resource that does not exist. Successful exploitation could allow rem ... oval:org.secpod.oval:def:20718 The host is installed with Subversion 1.2.0 before 1.6.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a request that contains a lock token. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:500114 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:500254 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:200279 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:500226 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:20913 The host is installed with Apache Subversion 1.4.0 through 1.7.x before 1.7.18 or 1.8.x before 1.8.10 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certific ... oval:org.secpod.oval:def:20914 The host is installed with Apache Subversion 1.0.0 through 1.7.x before 1.7.18 or 1.8.x before 1.8.10 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted authentication realm. Successful exploitation could allow remote serv ... oval:org.secpod.oval:def:602054 Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0248 Subversion mod_dav_svn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain req ... oval:org.secpod.oval:def:107396 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:107425 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:21799 The host is installed with Apache Subversion 1.0.0 through 1.7.x before 1.7.17 or 1.8.x before 1.8.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted authentication realm. Successful exploitation makes it easier ... oval:org.secpod.oval:def:52157 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:1200095 The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes. An assertion failure flaw was found in the way the SVN server processed certain requests with d ... oval:org.secpod.oval:def:109357 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:20720 The host is installed with Subversion before 1.5.0 before 1.5.8 or 1.6.0 before 1.6.15 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a named repository as a rule scope. Successful exploitation could allow attackers to bypass intended acc ... oval:org.secpod.oval:def:702159 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:53116 Several problems were discovered in Subversion, a centralised version control system. CVE-2017-9800 Joern Schneeweisz discovered that Subversion did not correctly handle maliciously constructed svn+ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via svn:external ... oval:org.secpod.oval:def:1800422 Subversion"s mod_dontdothat module and clients using are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack, otherwise known as the "billion laughs attack", targets XML parsers and can cause the targeted process to consume an excessive amount of CPU resou ... oval:org.secpod.oval:def:51870 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:106260 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:1600224 The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service via a relative URL in a REPORT request.The get_parent_resource function in repos.c in ... oval:org.secpod.oval:def:106168 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... |