EUVD-2016-8734

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-8734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Subversion's moddontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: svnserve/sasl may authenticate users using the wrong realm CVE-2016-2167 - The reqcheckaccess...

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2550)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : subversion (EulerOS-SA-2019-2504)

According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache Subversion's moddontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-servic...

BELL-CVE-2016-8734 CVE-2016-8734 does not affect BellSoft software

Bulletin has no description...

CVE-2016-8734

CVE-2016-8734 affects Apache Subversion’s mod_dontdothat and HTTP(S) clients (versions 1.4.0–1.8.16 and 1.9.0–1.9.4). The root cause is exponential XML entity expansion, leading to denial-of-service via high CPU/memory usage. Multiple advisories confirm impact across distros (Debian, Mageia, Fedo...

SUSE-SU-2017:2163-1 Security update for subversion

This update for subversion fixes the following issue: - CVE-2016-8734: Unrestricted XML entity expansion in moddontdothat and Subversion clients using https:// bsc1011552. - CVE-2017-9800: client code execution via argument injection in SSH URL bnc1051362...

Ubuntu: Security Advisory (USN-3388-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Subversion vulnerabilities (USN-3388-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3388-1 advisory. Joern Schneeweisz discovered that Subversion did not properly handle host names in 'svn+ssh://' URLs. A remote attacker could use this to...

Debian DSA-3932-1 : subversion - security update

Several problems were discovered in Subversion, a centralised version control system. - CVE-2016-8734 jessie only Subversion's moddontdothat server module and Subversion clients using https:// were vulnerable to a denial-of-service attack caused by exponential XML entity expansion. - CVE-2017-980...

[SECURITY] [DSA 3932-1] subversion security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3932-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 10, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3932-1] subversion security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3932-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 10, 2017 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3932-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated subversion packages fix security vulnerability

Subversion's moddontdothat module and clients using https:// are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack, otherwise known as the "billion laughs attack", targets XML parsers and can cause the targeted process to consume an excessive amount o...

CVE-2016-8734

Apache Subversion's moddontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory...