Download
| Alert*
oval:org.secpod.oval:def:201559
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:201535 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:22276 The host is installed with Apache Subversion 1.7.x before 1.7.19 or 1.8.x before 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a request for a URI that triggers a lookup for a virtual transaction name that does not exis ... oval:org.secpod.oval:def:24061 The host is installed with Apache Subversion 1.5.0 through 1.7.19 or 1.8.0 through 1.8.11 and is prone to svn:author property spoofing vulnerability. A flaw is present in the application, which fails to handle crafted v1 HTTP protocol request sequences. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:24063 The host is installed with Apache Subversion 1.6.0 through 1.7.19 or 1.8.0 through 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted parameter combinations related to dynamically evaluated revision numbers. Successful exploi ... oval:org.secpod.oval:def:501653 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:52558 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:702721 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:600202 Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access. oval:org.secpod.oval:def:105940 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:1500910 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:26792 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposit ... oval:org.secpod.oval:def:1500911 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:15918 The host is installed with Apache Subversion 1.4.0 through 1.7.12 or 1.8.0 through 1.8.1 and is prone to local privilege escalation vulnerability. The flaw is present in Svnserve in Apache Subversion, which fails to properly handle a symlink attack on the file specified by the --pid-file option. Suc ... oval:org.secpod.oval:def:203728 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1600198 The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. oval:org.secpod.oval:def:16222 The host is installed with Apache Subversion 1.4.0 through 1.7.13 or 1.8.0 through 1.8.4 and is prone to security bypass vulnerability. The flaw is present in is_this_legal function in mod_dontdothat in Apache Subversion, which fails to properly handle a relative URL in a REPORT request. Successful ... oval:org.secpod.oval:def:203558 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:600539 Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1752 The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. CVE- ... oval:org.secpod.oval:def:26232 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:26231 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:201566 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1166 The host is installed with Apache Subversion and is prone to memory corruption vulnerability. A flaw is present in the application which is caused due to infinite loop error when the SVNPathAuthz short_circuit option is enabled. Successful exploitation allows remote attacker to cause denial of servi ... oval:org.secpod.oval:def:1165 The host is installed with Apache Subversion and is prone to denial of service vulnerability. A flaw is present in the application which is caused by a NULL pointer dereference in the mod_dav_svn.so module when processing baselined WebDAV resources. Successful exploitation allows remote attacker to ... oval:org.secpod.oval:def:1167 The host is installed with Apache Subversion and is prone to information disclosure Vulnerability. A flaw is present in the application which fails to properly enforce permissions for files, when the SVNPathAuthz short_circuit option is disabled. Successful exploitation allows remote attacker to obt ... oval:org.secpod.oval:def:500281 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:500052 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. A server-side memory leak was found in the Subversion server. If a malicious, remote user perfo ... oval:org.secpod.oval:def:201440 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. A server-side memory leak was found in the Subversion server. If a malicious, remote user perfo ... oval:org.secpod.oval:def:20721 The host is installed with Subversion 1.0.0 before 1.5.9 or 1.6.0 before 1.6.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a named repository as a rule scope. Successful exploitation could allow attackers to bypass intended access r ... oval:org.secpod.oval:def:20719 The host is installed with Subversion before 1.5.0 before 1.5.8 or 1.6.0 before 1.6.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a via the -g Option to the Blame Command. Successful exploitation could allow attackers to crash the s ... oval:org.secpod.oval:def:201491 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. A server-side memory leak was found in the Subversion server. If a malicious, remote user perfo ... oval:org.secpod.oval:def:501499 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1501151 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposit ... oval:org.secpod.oval:def:1200111 A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled certain requests for URIs that trigger a lookup of a virtual transaction name. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash. ... oval:org.secpod.oval:def:108279 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:203559 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:108277 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:203700 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:501500 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:501628 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:22277 The host is installed with Apache Subversion 1.7.x before 1.7.19 or 1.8.x before 1.8.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a REPORT request for a resource that does not exist. Successful exploitation could allow rem ... oval:org.secpod.oval:def:20718 The host is installed with Subversion 1.2.0 before 1.6.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a request that contains a lock token. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:500114 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:500254 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:202664 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:202663 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:500226 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:200279 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1500145 Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ... oval:org.secpod.oval:def:1500146 Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ... oval:org.secpod.oval:def:1600253 A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. A flaw was found in the way the mod_dav_svn module handled large numbers of propertie ... oval:org.secpod.oval:def:20913 The host is installed with Apache Subversion 1.4.0 through 1.7.x before 1.7.18 or 1.8.x before 1.8.10 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certific ... oval:org.secpod.oval:def:20914 The host is installed with Apache Subversion 1.0.0 through 1.7.x before 1.7.18 or 1.8.x before 1.8.10 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted authentication realm. Successful exploitation could allow remote serv ... oval:org.secpod.oval:def:602054 Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0248 Subversion mod_dav_svn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain req ... oval:org.secpod.oval:def:107396 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:107425 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:21799 The host is installed with Apache Subversion 1.0.0 through 1.7.x before 1.7.17 or 1.8.x before 1.8.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted authentication realm. Successful exploitation makes it easier ... oval:org.secpod.oval:def:1200095 The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes. An assertion failure flaw was found in the way the SVN server processed certain requests with d ... oval:org.secpod.oval:def:109357 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:501039 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:702159 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:20714 The host is installed with Subversion 1.6.x through 1.6.20 or 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a PROPFIND request for an activity URL. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:20711 The host is installed with Subversion before 1.6.23 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which improperly treats aborted connections as critical errors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:20712 The host is installed with Subversion before 1.6.23 or 1.7.0 before 1.7.10 and is prone to a fsfs repository corruption vulnerability. A flaw is present in the application, which fails to properly handle a newline character in a file name. Successful exploitation could allow attackers to crash the s ... oval:org.secpod.oval:def:20710 The host is installed with Subversion before 1.6.23 or 1.7.0 before 1.7.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly treats aborted connections as critical errors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:601049 Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1968 Subversion repositories with the FSFS repository data store format can be corrupted by newline characters in filenames. A ... oval:org.secpod.oval:def:20717 The host is installed with Subversion 1.0.0 through 1.6.20 or 1.7.0 through 1.7.8 and is prone to memory consumption vulnerability. A flaw is present in the application, which fails to handle (1) setting or (2) deleting a large number of properties for a file or directory. Successful exploitation co ... oval:org.secpod.oval:def:20715 The host is installed with Subversion 1.6.x through 1.6.20 or 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an anonymous LOCK for a URL that does not exist. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:20716 The host is installed with Subversion 1.0.0 through 1.6.20 or 1.7.0 through 1.7.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an anonymous LOCK for a URL that does not exist. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:1500402 Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:52157 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:501198 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ... oval:org.secpod.oval:def:1500393 Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:53116 Several problems were discovered in Subversion, a centralised version control system. CVE-2017-9800 Joern Schneeweisz discovered that Subversion did not correctly handle maliciously constructed svn+ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via svn:external ... oval:org.secpod.oval:def:1800422 Subversion"s mod_dontdothat module and clients using are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack, otherwise known as the "billion laughs attack", targets XML parsers and can cause the targeted process to consume an excessive amount of CPU resou ... oval:org.secpod.oval:def:51870 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:1600224 The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service via a relative URL in a REPORT request.The get_parent_resource function in repos.c in ... oval:org.secpod.oval:def:106260 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:106168 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... |