Subversion 1.8.x < 1.8.2 FSFS Repository Corruption

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that is affected by a repository
corruption vulnerability.

Description :

The installed version of Subversion Server is affected by a repository
corruption vulnerability related to 'FileSystem atop the FileSystem'
(FSFS) repositories and handling packed revision properties editing.

See also :

http://subversion.apache.org/security/CVE-2013-4246-advisory.txt
http://svn.haxx.se/dev/archive-2013-08/0329.shtml

Solution :

Upgrade to Subversion Server 1.8.3 or later or apply the vendor patch
or workaround.

Note that version 1.8.2 was not publicly released, thus version 1.8.3 is
the recommended version.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)

Family: Windows

Nessus Plugin ID: 71567 ()

Bugtraq ID:

CVE ID: CVE-2013-4246