CVE-2009-2411

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.

References

http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

http://osvdb.org/56856

http://secunia.com/advisories/36184

http://secunia.com/advisories/36224

http://secunia.com/advisories/36232

http://secunia.com/advisories/36257

http://secunia.com/advisories/36262

http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt

http://support.apple.com/kb/HT3937

http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES

http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES

http://svn.haxx.se/dev/archive-2009-08/0107.shtml

http://svn.haxx.se/dev/archive-2009-08/0108.shtml

http://svn.haxx.se/dev/archive-2009-08/0110.shtml

http://www.debian.org/security/2009/dsa-1855

http://www.mandriva.com/security/advisories?name=MDVSA-2009:199

http://www.redhat.com/support/errata/RHSA-2009-1203.html

http://www.securityfocus.com/bid/35983

http://www.securitytracker.com/id?1022697

http://www.ubuntu.com/usn/usn-812-1

http://www.vupen.com/english/advisories/2009/2180

http://www.vupen.com/english/advisories/2009/3184

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html

Details

Source: MITRE

Published: 2009-08-07

Updated: 2017-09-19

Type: CWE-189

Risk Information

CVSS v2

Base Score: 8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 6.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:subversion:subversion:0.22.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.23.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.24.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.24.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.24.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.25.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.27.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.28.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.28.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.28.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.29.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.30.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.31.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.32.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.32.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.33.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.33.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.34.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.35.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.35.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.36.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:0.37.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.0_rc1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.0_rc2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.0_rc3:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.4.3:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.4.4:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.4.5:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:* versions up to 1.5.6 (inclusive)

cpe:2.3:a:subversion:subversion:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:subversion:subversion:1.6.3:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
67906Oracle Linux 4 / 5 : subversion (ELSA-2009-1203)NessusOracle Linux Local Security Checks
high
60638Scientific Linux Security Update : subversion on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
51720SuSE 10 Security Update : subversion (ZYPP Patch Number 6423)NessusSuSE Local Security Checks
high
44720Debian DSA-1855-1 : subversion - heap overflowNessusDebian Local Security Checks
high
43775CentOS 5 : subversion (CESA-2009:1203)NessusCentOS Local Security Checks
high
800795Mac OS X 10.6 < 10.6.2 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5227Mac OS X 10.6 < 10.6.2 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
42434Mac OS X 10.6.x < 10.6.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
42433Mac OS X Multiple Vulnerabilities (Security Update 2009-006)NessusMacOS X Local Security Checks
critical
42036openSUSE 10 Security Update : subversion (subversion-6418)NessusSuSE Local Security Checks
high
5140SVN < 1.5.6 / 1.6.0-1.6.3 Multiple Integer Overflows (deprecated)Nessus Network MonitorGeneric
high
5139TortoiseSVN < 1.5.6 / 1.6.0-1.6.3 Multiple Integer OverflowsNessus Network MonitorGeneric
high
40630GLSA-200908-05 : Subversion: Remote execution of arbitrary codeNessusGentoo Local Security Checks
high
40620Apache Subversion < 1.6.4 'libsvn_delta' Library Binary Delta svndiff Stream Parsing Multiple OverflowsNessusWindows
high
40589openSUSE Security Update : subversion (subversion-1185)NessusSuSE Local Security Checks
high
40588openSUSE Security Update : subversion (subversion-1185)NessusSuSE Local Security Checks
high
40541RHEL 4 / 5 : subversion (RHSA-2009:1203)NessusRed Hat Local Security Checks
high
40540Mandriva Linux Security Advisory : subversion (MDVSA-2009:199-1)NessusMandriva Local Security Checks
high
40536Fedora 11 : subversion-1.6.4-2.fc11 (2009-8449)NessusFedora Local Security Checks
high
40534Fedora 10 : subversion-1.6.4-2.fc10 (2009-8432)NessusFedora Local Security Checks
high
40528Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : subversion vulnerability (USN-812-1)NessusUbuntu Local Security Checks
high
40511Slackware 12.0 / 12.1 / 12.2 / current : subversion (SSA:2009-219-01)NessusSlackware Local Security Checks
high
40508FreeBSD : subversion -- heap overflow vulnerability (bce1f76d-82d0-11de-88ea-001a4d49522b)NessusFreeBSD Local Security Checks
high