FreeBSD : subversion -- multiple DoS (71612099-1e93-11e0-a587-001b77d09812)

Medium Nessus Plugin ID 51520


The remote FreeBSD host is missing one or more security-related updates.


Entry for CVE-2010-4539 says :

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

Entry for CVE-2010-4644 says :

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.


Update the affected packages.

See Also

Plugin Details

Severity: Medium

ID: 51520

File Name: freebsd_pkg_716120991e9311e0a587001b77d09812.nasl

Version: $Revision: 1.7 $

Type: local

Published: 2011/01/14

Modified: 2013/12/17

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:subversion, p-cpe:/a:freebsd:freebsd:subversion-freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/01/13

Vulnerability Publication Date: 2011/01/02

Reference Information

CVE: CVE-2010-4539, CVE-2010-4644

BID: 45655