FreeBSD : subversion -- mod_dav_svn vulnerability (1839f78c-9f2b-11e3-980f-20cf30e32f6d)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Subversion Project reports :

Subversion's mod_dav_svn Apache HTTPD server module will crash when it
receives an OPTIONS request against the server root and Subversion is
configured to handle the server root and SVNListParentPath is on. This
can lead to a DoS. There are no known instances of this problem being
exploited in the wild, but the details of how to exploit it have been
disclosed on the Subversion development mailing list.

See also :

https://subversion.apache.org/security/CVE-2014-0032-advisory.txt
http://www.nessus.org/u?f651180d

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 72717 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now