FreeBSD : subversion date parsing vulnerability (5d36ef32-a9cf-11d8-9c6d-0020ed76ef5a)
High Nessus Plugin ID 36673
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionStefan Esser reports :
Subversion versions up to 1.0.2 are vulnerable to a date parsing vulnerability which can be abused to allow remote code execution on Subversion servers and therefore could lead to a repository compromise.
NOTE: This vulnerability is similar to the date parsing issue that affected neon. However, it is a different and distinct bug.
SolutionUpdate the affected package.