subversion -- DoS vulnerabilities

2014-12-13T00:00:00
ID F5561ADE-846C-11E4-B7A7-20CF30E32F6D
Type freebsd
Reporter FreeBSD
Modified 2014-12-13T00:00:00

Description

Subversion Project reports:

Subversion's mod_dav_svn Apache HTTPD server module will crash when it receives a REPORT request for some invalid formatted special URIs. Subversion's mod_dav_svn Apache HTTPD server module will crash when it receives a request for some invalid formatted special URIs. We consider this to be a medium risk vulnerability. Repositories which allow for anonymous reads will be vulnerable without authentication. Unfortunately, no special configuration is required and all mod_dav_svn servers are vulnerable.