[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-413 ---- subversion mod_dav_svn

ID: oval:org.secpod.oval:def:1600198Date: (C)2016-01-19   (M)2022-10-10
Class: PATCHFamily: unix




The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Platform:
Amazon Linux AMI
Product:
subversion
mod_dav_svn
Reference:
ALAS-2014-413
CVE-2014-3522
CVE    1
CVE-2014-3522
CPE    70
cpe:/a:apache:subversion:1.6.10
cpe:/o:amazon:linux
cpe:/a:apache:subversion:1.6.11
cpe:/a:apache:subversion:1.6.12
...

© SecPod Technologies