Subversion 1.3.x - 1.7.14 / 1.8.x < 1.8.8 mod_dav_svn DoS

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that is affected by a denial of
service vulnerability.

Description :

The installed version of Subversion Server is affected by an error
related to 'mod_dav_svn', the 'SVNListParentPath' configuration option
and handling 'OPTIONS' requests that could allow denial of service
attacks.

See also :

http://subversion.apache.org/security/CVE-2014-0032-advisory.txt
http://svn.apache.org/viewvc?view=revision&revision=1557320

Solution :

Upgrade to Subversion Server 1.7.16 / 1.8.8 or later or apply the
vendor-supplied patch or workaround.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 72744 ()

Bugtraq ID: 65434

CVE ID: CVE-2014-0032