Lucene search
HistoryDec 07, 2013 - 8:55 p.m.
CVE-2013-4505
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
6.6 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.7%
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.
Affected configurations
Node
apachemod_dontdothatMatch-
apachesubversionMatch1.4.0
ORapachesubversionMatch1.4.1
ORapachesubversionMatch1.4.2
ORapachesubversionMatch1.4.3
ORapachesubversionMatch1.4.4
ORapachesubversionMatch1.4.5
ORapachesubversionMatch1.4.6
ORapachesubversionMatch1.5.0
ORapachesubversionMatch1.5.1
ORapachesubversionMatch1.5.2
ORapachesubversionMatch1.5.3
ORapachesubversionMatch1.5.4
ORapachesubversionMatch1.5.5
ORapachesubversionMatch1.5.6
ORapachesubversionMatch1.5.7
ORapachesubversionMatch1.5.8
ORapachesubversionMatch1.6.0
ORapachesubversionMatch1.6.1
ORapachesubversionMatch1.6.2
ORapachesubversionMatch1.6.3
ORapachesubversionMatch1.6.4
ORapachesubversionMatch1.6.5
ORapachesubversionMatch1.6.6
ORapachesubversionMatch1.6.7
ORapachesubversionMatch1.6.8
ORapachesubversionMatch1.6.9
ORapachesubversionMatch1.6.10
ORapachesubversionMatch1.6.11
ORapachesubversionMatch1.6.12
ORapachesubversionMatch1.6.13
ORapachesubversionMatch1.6.14
ORapachesubversionMatch1.6.15
ORapachesubversionMatch1.6.16
ORapachesubversionMatch1.6.17
ORapachesubversionMatch1.6.18
ORapachesubversionMatch1.6.19
ORapachesubversionMatch1.6.20
ORapachesubversionMatch1.6.21
ORapachesubversionMatch1.6.23
ORapachesubversionMatch1.7.0
ORapachesubversionMatch1.7.1
ORapachesubversionMatch1.7.2
ORapachesubversionMatch1.7.3
ORapachesubversionMatch1.7.4
ORapachesubversionMatch1.7.5
ORapachesubversionMatch1.7.6
ORapachesubversionMatch1.7.7
ORapachesubversionMatch1.7.8
ORapachesubversionMatch1.7.9
ORapachesubversionMatch1.7.10
ORapachesubversionMatch1.7.11
ORapachesubversionMatch1.7.12
ORapachesubversionMatch1.8.1
Related
openvas
openvas
Apache Subversion DoS Vulnerability (Feb 2016)
2016-02-08 00:00:00
Fedora Update for subversion FEDORA-2013-22208
2013-12-17 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-269)
2015-09-08 00:00:00
debiancve
debiancve
CVE-2013-4505
2013-12-07 20:55:02
cve
cve
CVE-2013-4505
2013-12-07 20:55:02
ubuntucve
ubuntucve
CVE-2013-4505
2013-12-07 00:00:00
prion
prion
Design/Logic Flaw
2013-12-07 20:55:00
cvelist
cvelist
CVE-2013-4505
2013-12-07 20:00:00
nessus
nessus
Mandriva Linux Security Advisory : subversion (MDVSA-2013:288)
2013-12-18 00:00:00
FreeBSD : subversion -- multiple vulnerabilities (e3244a7b-5603-11e3-878d-20cf30e32f6d)
2013-11-26 00:00:00
Amazon Linux AMI : subversion (ALAS-2013-269)
2013-12-23 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: subversion-1.8.5-2.fc20
2013-12-31 19:02:57
[SECURITY] Fedora 19 Update: subversion-1.7.14-1.fc19
2013-12-11 02:00:11
[SECURITY] Fedora 18 Update: subversion-1.7.14-1.fc18
2013-12-11 02:00:39
freebsd
freebsd
subversion -- multiple vulnerabilities
2013-11-15 00:00:00
mageia
mageia
Updated subversion package fixes security vulnerabilities
2013-12-01 01:37:01
amazon
amazon
Medium: subversion
2013-12-17 21:39:00
securityvulns
securityvulns
[ MDVSA-2013:288 ] subversion
2014-01-09 00:00:00
Apache Subversion security vulnerabilities
2014-03-02 00:00:00
[slackware-security] subversion (SSA:2014-058-01)
2014-03-02 00:00:00
slackware
slackware
[slackware-security] subversion
2014-02-27 21:06:12
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
6.6 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.7%
Related for NVD:CVE-2013-4505