Tenable9395.PRMApache Subversion 1.8.x < 1.8.16 / 1.9.x < 1.9.4 Multiple Vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
94.4%
The version of Apache Subversion installed on the remote host is version 1.8.x prior to 1.8.16 or 1.9.x prior to 1.9.4. It is, therefore, affected by the following vulnerabilities :
- A flaw exists within ‘svnserve/sasl’ that is triggered when handling a realm string which is a prefix of the expected realm string, which can cause an authenticated remote attacker to incorrectly authenticate into the wrong realm. This may allow the attacker to gain access to areas they would otherwise be restricted from. (CVE-2016-2167)
- A flaw exists within ‘mod_authz_svn’ that is triggered as authorization checks are not properly performed on ‘COPY’ and ‘MOVE’ actions. This may allow a remote attacker to use a specially crafted header to crash the server. (CVE-2016-2168)
- A ‘NULL pointer’ dereference flaw exists within the ‘mod_authz_svn’ module that is triggered when handling invalid headers for COPY and MOVE requests. This may allow a remote attacker to cause a Subversion server to crash. (CVE-2016-2168)
Binary data 9395.prmRelated
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
94.4%