Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache Subversion 1.8.x < 1.8.16 / 1.9.x < 1.9.4 Multiple Vulnerabilities

Medium

Synopsis

The remote host is running a version of Apache Subversion (SVN) that is affected by a multiple vulnerabilities.

Description

The version of Apache Subversion installed on the remote host is version 1.8.x prior to 1.8.16 or 1.9.x prior to 1.9.4. It is, therefore, affected by the following vulnerabilities :

- A flaw exists within 'svnserve/sasl' that is triggered when handling a realm string which is a prefix of the expected realm string, which can cause an authenticated remote attacker to incorrectly authenticate into the wrong realm. This may allow the attacker to gain access to areas they would otherwise be restricted from. (CVE-2016-2167) - A flaw exists within 'mod_authz_svn' that is triggered as authorization checks are not properly performed on 'COPY' and 'MOVE' actions. This may allow a remote attacker to use a specially crafted header to crash the server. (CVE-2016-2168) - A 'NULL pointer' dereference flaw exists within the 'mod_authz_svn' module that is triggered when handling invalid headers for COPY and MOVE requests. This may allow a remote attacker to cause a Subversion server to crash. (CVE-2016-2168)

Solution

Upgrade to Apache Subversion 1.9.4 or later. If 1.9.4 cannot be obtained, 1.8.16 is also patched for these vulnerabilities.