This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability was discovered and corrected in subversion :
The mod_dav_svn module for the Apache HTTP Server, as distributed in
Apache Subversion before 1.6.16, allows remote attackers to cause a
denial of service (NULL pointer dereference and daemon crash) via a
request that contains a lock token (CVE-2011-0715).
Additionally for Corporate Server 4 and Enterprise Server 5 subversion
have been upgraded to the 1.6.16 version due to of numerous upstream
fixes and new features, the serf packages has also been upgraded to
the now required 0.3.0 version.
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
The updated packages have been upgraded to the 1.6.16 version which is
not vulnerable to this issue.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false