subversion -- remotely triggerable "Assertion failed" DoS vulnerability or read overflow.

ID 2AE24334-F2E6-11E2-8346-001E8C75030D
Type freebsd
Reporter FreeBSD
Modified 2013-07-25T00:00:00


Subversion Project reports:

Subversion's mod_dav_svn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT (or equivalent) or undefined behavior. Commit access is required to exploit this.