Apache Subversion 1.6.x / 1.7.x / 1.8.x < 1.6.23 / 1.7.11 / 1.8.1 Multiple Vulnerabilities
High Nessus Plugin ID 71566
SynopsisThe remote host has an application that is affected by multiple vulnerabilities.
DescriptionThe installed version of Subversion Server is affected by the following vulnerabilities :
- An input validation error exists in two files in the 'contrib/' directory that could allow arbitrary code execution. Note that this issue does not affect version 1.8.0. (CVE-2013-2088)
- An error exists related to the 'mod_dav_svn' Apache module that could allow denial of service attacks. Note that this issue does not affect the 1.6.x branch.
SolutionUpgrade to Subversion Server 1.6.23 / 1.7.11 / 1.8.1 or later, or apply the vendor patches or workarounds.