This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Subversion project reports :
svnserve, the svn:// protocol server, can optionally use the Cyrus
SASL library for authentication, integrity protection, and encryption.
Due to a programming oversight, authentication against Cyrus SASL
would permit the remote user to specify a realm string which is a
prefix of the expected realm string.
Subversion's httpd servers are vulnerable to a remotely triggerable
crash in the mod_authz_svn module. The crash can occur during an
authorization check for a COPY or MOVE request with a specially
crafted header value.
This allows remote attackers to cause a denial of service.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.9