This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A flaw was found in the way the mod_dav_svn module handled OPTIONS
requests. A remote attacker with read access to an SVN repository
served via HTTP could use this flaw to cause the httpd process that
handled such a request to crash.
The get_resource function in repos.c in the mod_dav_svn module in
Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when
SVNListParentPath is enabled, allows remote attackers to cause a
denial of service (crash) via vectors related to the server root and
request methods other than GET, as demonstrated by the 'svn ls
See also :
Run 'yum update subversion' to update your system.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 73237 ()
CVE ID: CVE-2014-0032
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.