Scientific Linux Security Update : subversion on SL6.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

An access restriction bypass flaw was found in the mod_dav_svn module.
If the SVNPathAuthz directive was set to 'short_circuit', certain
access rules were not enforced, possibly allowing sensitive repository
data to be leaked to remote users. Note that SVNPathAuthz is set to
'On' by default. (CVE-2010-3315)

A server-side memory leak was found in the Subversion server. If a
malicious, remote user performed 'svn blame' or 'svn log' operations
on certain repository files, it could cause the Subversion server to
consume a large amount of system memory. (CVE-2010-4644)

A NULL pointer dereference flaw was found in the way the mod_dav_svn
module processed certain requests. If a malicious, remote user issued
a certain type of request to display a collection of Subversion
repositories on a host that has the SVNListParentPath directive
enabled, it could cause the httpd process serving the request to
crash. Note that SVNListParentPath is not enabled by default.
(CVE-2010-4539)

After installing the updated packages, the Subversion server must be
restarted for the update to take effect: restart httpd if you are
using mod_dav_svn, or restart svnserve if it is used.

See also :

http://www.nessus.org/u?e0285304

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60955 ()

Bugtraq ID:

CVE ID: CVE-2010-3315
CVE-2010-4539
CVE-2010-4644