GLSA-200405-14 : Buffer overflow in Subversion

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200405-14
(Buffer overflow in Subversion)

All releases of Subversion prior to 1.0.3 have a vulnerability in the
date-parsing code. This vulnerability may allow denial of service or
arbitrary code execution as the Subversion user. Both the client and
server are vulnerable, and write access is NOT required to the server's
repository.

Impact :

All servers and clients are vulnerable. Specifically, clients that
allow other users to write to administrative files in a working copy
may be exploited. Additionally all servers (whether they are httpd/DAV
or svnserve) are vulnerable. Write access to the server is not
required
public read-only Subversion servers are also exploitable.

Workaround :

There is no known workaround at this time. All users are encouraged to
upgrade to the latest available version.

See also :

http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125
http://www.nessus.org/u?8a28c1fb
http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml

Solution :

All Subversion users should upgrade to the latest stable version:
# emerge sync
# emerge -pv '>=dev-util/subversion-1.0.3'
# emerge '>=dev-util/subversion-1.0.3'

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Public Exploit Available : true

Family: Gentoo Local Security Checks

Nessus Plugin ID: 14500 (gentoo_GLSA-200405-14.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0397