Apache Subversion 1.0.x - 1.7.17 / 1.8.x < 1.8.10 Multiple Vulnerabilities

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that is affected by multiple
vulnerabilities.

Description :

The version of Subversion Server installed on the remote host is
version 1.x.x prior to 1.7.18 or 1.8.x prior to 1.8.10. It is,
therefore, affected by the following vulnerabilities :

- A flaw exists in the Serf RA layer. This flaw causes
wildcards for HTTPS connections to be improperly
evaluated, which may result in the application
accepting certificates that are not matched against the
proper hostname. This may allow a remote
man-in-the-middle attacker to intercept traffic and
spoof valid sessions. (CVE-2014-3522)

- An MD5 hash of the URL and authentication realm are
used to store cached credentials, which may allow
remote attackers to obtain these credentials via a
specially crafted authentication realm. (CVE-2014-3528)

See also :

http://subversion.apache.org/security/CVE-2014-3522-advisory.txt
http://subversion.apache.org/security/CVE-2014-3528-advisory.txt

Solution :

Upgrade to Subversion Server 1.7.18 / 1.8.10 or later, or apply the
vendor-supplied patch or workaround.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 3.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 78068 ()

Bugtraq ID: 68995
69237

CVE ID: CVE-2014-3522
CVE-2014-3528

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now