Vigil@nce - Subversion: three vulnerabilities
June 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of Subversion, in
order to trigger a denial of service or to execute code.
Impacted products: Subversion, Debian, MBS, MES, openSUSE
Severity: 2/4
Creation date: 03/06/2013
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Subversion.
An attacker can use a filename containing a line feed, to corrupt
the repository, in order to trigger a denial of service.
[severity:2/4; BID-60267, CVE-2013-1968]
An attacker can use contrib/hook-scripts/check-mime-type.pl and
contrib/hook-scripts/svn-keyword-check.pl, in order to inject
shell commands. [severity:2/4; BID-60265, CVE-2013-2088]
An attacker can prematurely close a TCP session with svnserve, in
order to trigger a denial of service. [severity:2/4; BID-60264,
CVE-2013-2112]
An attacker can therefore use several vulnerabilities of
Subversion, in order to trigger a denial of service or to execute
code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Subversion-three-vulnerabilities-12889