This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote host has an application that is affected by multiple denial
of service vulnerabilities.
The installed version of Apache Subversion Server is prior to 1.6.23
or 1.7.x prior to 1.7.10. It is, therefore, affected by multiple
remote denial of service vulnerabilities :
- A flaw exists when handling specially crafted filenames
that could result in corruption of the FSFS repository.
A workaround exists to install a pre-commit hook that
will prevent unsanitized filenames from being committed
into the repository. (CVE-2013-1968)
- A flaw exists in svnserve server where improperly
handled aborted connection message are handled as
critical errors. (CVE-2013-2112)
See also :
Upgrade to Apache Subversion Server 1.6.23 / 1.7.10 / 1.8.0 or later
or apply the vendor patches or workarounds.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false