Korean
<< Back
VID 28243
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description A version Subversion which is older than 1.5.7 has been installed on the host
The remote Windows host has an application that is affected by multiple heap overflow.

Specifically, the 'libsvn_delta' library fails to perform sufficient boundary checks before processing certain svndiff streams. An attacker with commit access to a vulnerable Subversion server could exploit this vulnerability from a Subversion client to trigger a heap overflow on the server. Typically such an attack would result in a denial of service condition or arbitrary code execution on the remote server.
An attacker could also trigger this issue from a rogue Subversion server on a Subversion client in response to a checkout or update request.

* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
http://svn.haxx.se/dev/archive-2009-08/0107.shtml
http://svn.haxx.se/dev/archive-2009-08/0108.shtml
http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt

* Platforms Affected:
Subversion prior to 1.5.7
Recommendation Upgrade to the latest version of Subversion (1.5.7 or later), available from the Subversion Web page at http://subversion.tigris.org/
Related URL CVE-2009-2411 (CVE)
Related URL 35983 (SecurityFocus)
Related URL (ISS)