This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200407-20
(Subversion: Vulnerability in mod_authz_svn)
Users with write access to part of a Subversion repository may bypass
read restrictions on any part of that repository. This can be done
using an 'svn copy' command to copy the portion of a repository the
user wishes to read into an area where they have write access.
Since copies are versioned, any such copy attempts will be readily
This is a low-risk vulnerability. It affects only users of Subversion
who are running servers inside Apache and using mod_authz_svn.
Additionally, this vulnerability may be exploited only by users with
write access to some portion of a repository.
Keep sensitive content separated into different Subversion
repositories, or disable the Apache Subversion server and use svnserve
See also :
All Subversion users should upgrade to the latest available version:
# emerge sync
# emerge -pv '>=dev-util/subversion-1.0.6'
# emerve '>=dev-util/subversion-1.0.6'
Risk factor :
Low / CVSS Base Score : 2.1
Family: Gentoo Local Security Checks
Nessus Plugin ID: 14553 (gentoo_GLSA-200407-20.nasl)
CVE ID: CVE-2004-1438