subversion -- multiple vulnerabilities

2016-04-21T00:00:00
ID C8174B63-0D3A-11E6-B06E-D43D7EED0CE2
Type freebsd
Reporter FreeBSD
Modified 2016-04-21T00:00:00

Description

The Subversion project reports:

svnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption. Due to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.

Subversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value. This allows remote attackers to cause a denial of service.
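The realm-matching flaw described for svnserve comes down to a bounded string comparison whose length is taken from the client's input. The C sketch below is an added illustration, not Subversion's code: the function names, the `user@realm` login format and the realm `EXAMPLE.ORG` are assumptions made for the example. It puts that flawed pattern next to an exact-match check.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed login format "user@realm": return the part after the last '@'. */
static const char *realm_of(const char *login)
{
    const char *at = login ? strrchr(login, '@') : NULL;
    return at ? at + 1 : NULL;
}

/* Flawed pattern: the comparison length comes from the client-supplied
 * realm, so any prefix of the expected realm compares equal. */
bool realm_ok_prefix_bug(const char *login, const char *expected)
{
    const char *realm = realm_of(login);
    if (realm == NULL || expected == NULL)
        return false;
    return strncmp(realm, expected, strlen(realm)) == 0;
}

/* Corrected pattern: the lengths must match before the bytes are
 * compared, so only the exact expected realm is accepted. */
bool realm_ok_exact(const char *login, const char *expected)
{
    const char *realm = realm_of(login);
    if (realm == NULL || expected == NULL)
        return false;
    size_t n = strlen(expected);
    return strlen(realm) == n && memcmp(realm, expected, n) == 0;
}

int main(void)
{
    /* Constructed sample logins checked against a constructed realm. */
    const char *expected = "EXAMPLE.ORG";
    const char *logins[] = { "alice@EXAMPLE.ORG", "alice@EXAMPLE",
                             "alice@", "alice@EXAMPLE.ORG.x", "alice" };
    for (size_t i = 0; i < sizeof logins / sizeof logins[0]; i++)
        printf("%-22s prefix_bug=%d exact=%d\n", logins[i],
               realm_ok_prefix_bug(logins[i], expected),
               realm_ok_exact(logins[i], expected));
    return 0;
}
```

A regression test for a realm check should include a truncated realm and an empty realm alongside the exact one, since those are the inputs that separate the two functions.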