This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote host has an application that is affected by multiple
symlink overwrite vulnerabilities.
The version of Subversion Server installed on the remote host is prior
to version 1.8.3. It is, therefore, affected by multiple symlink file
overwrite vulnerabilities :
- An error exists in the function 'handle_options' in the
file 'svnwcsub.py' that could allow a local attacker to
use a symlink attack to overwrite arbitrary files. Note
that this issue only affects the 1.8.x branch.
- An error exists in the function 'write_pid_file' that
could allow a local attacker to use a symlink attack to
overwrite arbitrary files. (CVE-2013-4277)
See also :
Upgrade to Subversion Server 1.7.13 / 1.8.3 or later or apply the
vendor patches or workarounds.
Risk factor :
Low / CVSS Base Score : 3.2
CVSS Temporal Score : 2.8
Public Exploit Available : true