Apache Subversion < 1.8.0 / 1.7.10 / 1.6.23 Multiple Vulnerabilities
Medium Log Correlation Engine Plugin ID 800980
SynopsisThe remote host is running a version of Apache Subversion that is vulnerable to multiple attack vectors. Subversion is an open-source version-control application that is available for numerous platforms, including Microsoft Windows, UNIX, and UNIX-like operating systems.
DescriptionThe installed version of SVN is affected by the following vulnerabilities:
- Remote denial-of-service vulnerabilities exist due to an error in the svnserve server, as it does not properly handle aborted connection messages. (CVE-2013-1968, CVE-2013-2112)
- A command-injection vulnerability exists in the 'svn-keyword-check.pl' hook script while processing filenames. (CVE-2013-2088)
SolutionUpdates are available. Alternatively, upgrade to versions 1.8.0, 1.7.10, or 1.6.23.