VID |
28243 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
A version Subversion which is older than 1.5.7 has been installed on the host The remote Windows host has an application that is affected by multiple heap overflow.
Specifically, the 'libsvn_delta' library fails to perform sufficient boundary checks before processing certain svndiff streams. An attacker with commit access to a vulnerable Subversion server could exploit this vulnerability from a Subversion client to trigger a heap overflow on the server. Typically such an attack would result in a denial of service condition or arbitrary code execution on the remote server. An attacker could also trigger this issue from a rogue Subversion server on a Subversion client in response to a checkout or update request.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References: http://svn.haxx.se/dev/archive-2009-08/0107.shtml http://svn.haxx.se/dev/archive-2009-08/0108.shtml http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
* Platforms Affected: Subversion prior to 1.5.7 |
Recommendation |
Upgrade to the latest version of Subversion (1.5.7 or later), available from the Subversion Web page at http://subversion.tigris.org/ |
Related URL |
CVE-2009-2411 (CVE) |
Related URL |
35983 (SecurityFocus) |
Related URL |
(ISS) |
|