FreeBSD : subversion -- Arbitrary code execution vulnerability (6e80bd9b-7e9b-11e7-abfe-90e2baa3bafc)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

subversion team reports :

A Subversion client sometimes connects to URLs provided by the
repository. This happens in two primary cases: during 'checkout',
'export', 'update', and 'switch', when the tree being downloaded
contains svn:externals properties; and when using 'svnsync sync' with
one URL argument.

A maliciously constructed svn+ssh:// URL would cause Subversion
clients to run an arbitrary shell command. Such a URL could be
generated by a malicious server, by a malicious user committing to an
honest server (to attack another user of that server's repositories),
or by a proxy server.

The vulnerability affects all clients, including those that use
file://, http://, and plain (untunneled) svn://.

An exploit has been tested.

See also :

http://subversion.apache.org/security/CVE-2017-9800-advisory.txt
http://www.nessus.org/u?ab94c919

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 102466

Bugtraq ID:

CVE ID:
