This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A NULL pointer dereference flaw was found in the way the mod_dav_svn
module processed certain requests to lock working copy paths in a
repository. A remote attacker could issue a lock request that could
cause the httpd process serving the request to crash. (CVE-2011-0715)
This update also fixes the following bug :
- A regression was found in the handling of repositories
which do not have a 'db/fsfs.conf' file. The 'svnadmin
hotcopy' command would fail when trying to produce a
copy of such a repository. This command has been fixed
to ignore the absence of the 'fsfs.conf' file. The
'svnadmin hotcopy' command will now succeed for this
type of repository. (BZ#681522)
After installing the updated packages, you must restart the httpd
daemon, if you are using mod_dav_svn, for the update to take effect.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60982 ()
CVE ID: CVE-2011-0715
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.