Test Kennung:	1.3.6.1.4.1.25623.1.0.69823
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Security Advisory MDVSA-2011:106 (subversion)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to subversion announced via advisory MDVSA-2011:106. Multiple vulnerabilities were discovered and corrected in subversion: The mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources which can lead to a DoS (Denial Of Service) (CVE-2011-1752). The mod_dav_svn Apache HTTPD server module may in certain cenarios enter a logic loop which does not exit and which allocates emory in each iteration, ultimately exhausting all the available emory on the server which can lead to a DoS (Denial Of Service) (CVE-2011-1783). The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users (CVE-2011-1921). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the 1.6.17 version which is not vulnerable to these issues. Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:106 http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES Risk factor : Medium CVSS Score: 5.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1752 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html BugTraq ID: 48091 http://www.securityfocus.com/bid/48091 Debian Security Information: DSA-2251 (Google Search) http://www.debian.org/security/2011/dsa-2251 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922 http://www.redhat.com/support/errata/RHSA-2011-0861.html http://www.redhat.com/support/errata/RHSA-2011-0862.html http://www.securitytracker.com/id?1025617 http://secunia.com/advisories/44633 http://secunia.com/advisories/44681 http://secunia.com/advisories/44849 http://secunia.com/advisories/44879 http://secunia.com/advisories/44888 http://secunia.com/advisories/45162 http://www.ubuntu.com/usn/USN-1144-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-1783 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18889 http://www.securitytracker.com/id?1025618 Common Vulnerability Exposure (CVE) ID: CVE-2011-1921 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18999 http://www.securitytracker.com/id?1025619 XForce ISS Database: subversion-control-rules-info-disc(67804) https://exchange.xforce.ibmcloud.com/vulnerabilities/67804
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.