Apache Subversion 1.4.x - 1.7.12 / 1.8.x < 1.8.3 Multiple Symlink File Overwrite Vulnerabilities

low Nessus Plugin ID 71568

Synopsis

The remote host has an application that is affected by multiple symlink overwrite vulnerabilities.

Description

The version of Subversion Server installed on the remote host is prior to version 1.8.3. It is, therefore, affected by multiple symlink file overwrite vulnerabilities:

- An error exists in the function 'handle_options' in the file 'svnwcsub.py' that could allow a local attacker to use a symlink attack to overwrite arbitrary files. Note that this issue only affects the 1.8.x branch. (CVE-2013-4262)

- An error exists in the function 'write_pid_file' that could allow a local attacker to use a symlink attack to overwrite arbitrary files. (CVE-2013-4277)

Solution

Upgrade to Subversion Server 1.7.13 / 1.8.3 or later, or apply the vendor patches or workarounds.

See Also

https://subversion.apache.org/security/CVE-2013-4262-advisory.txt

https://subversion.apache.org/security/CVE-2013-4277-advisory.txt

Plugin Details

Severity: Low

ID: 71568

File Name: subversion_1_8_3.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 12/20/2013

Updated: 11/27/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Low

Base Score: 3.3

Temporal Score: 2.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P

CVSS Score Source: CVE-2013-4277

Vulnerability Information

CPE: cpe:/a:apache:subversion

Required KB Items: Settings/ParanoidReport, installed_sw/Subversion Server

Exploit Ease: No known exploits are available

Patch Publication Date: 8/30/2013

Vulnerability Publication Date: 8/30/2013

Reference Information

CVE: CVE-2013-4262, CVE-2013-4277

BID: 62266, 68965