CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

CVE-2013-1846

CVE-2013-1846 affects Subversion’s mod_dav_svn (Apache httpd). Priviledge: remote authenticated user. Vulnerable: Subversion 1.6.x before 1.6.21 and 1.7.0–1.7.8; impact: crashes via LOCK requests against activity URLs (denial of service). Mitigation: upgrade to Subversion 1.6.21 or 1.7.9 (or late...

CVE-2013-1846

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...

CVE-2013-1847

CVE-2013-1847 is a denial-of-service in Subversion via the mod_dav_svn Apache HTTPD module. The issue occurs when an anonymous LOCK is issued for a URL that does not exist, triggering crashes (NULL pointer dereference) in vulnerable Subversion versions. Affected are Subversion mod_dav_svn on Apac...

CVE-2013-1849

Subversion's mod_dav_svn (Apache httpd) is affected by CVE-2013-1849: a denial-of-service caused by a NULL pointer dereference triggered by a PROPFIND request for an activity URL. Affected versions are Subversion 1.6.x up to 1.6.20 and 1.7.0 through 1.7.8. No explicit patch or fixed version is pr...

CVE-2013-1847

The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...

CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

CVE-2013-1849

The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...

CVE-2013-1884

The moddavsvn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service segmentation fault and crash via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable...

Mandriva Linux Security Advisory : subversion (MDVSA-2013:153)

Multiple vulnerabilities has been found and corrected in subversion : Subversion's moddavsvn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem being...

Light HTTPD Buffer Overflow Vulnerability

Light HTTPD is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Windows Light HTTPD 0.1 - Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software...

Windows Light HTTPD 0.1 Buffer Overflow

import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software Vendorhttp://sourceforge.net/projects/lhttpd/?source=navbar Exploit/Advisoryhttp://infosec42.blogspot.com...

Light HTTPd 0.1 (Windows) - Remote Buffer Overflow

Light HTTPd 0.1 Windows - Remote Buffer Overflow import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software...

Light HTTPd 0.1 (Windows) - Remote Buffer Overflow

import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software Vendorhttp://sourceforge.net/projects/lhttpd/?source=navbar Exploit/Advisoryhttp://infosec42.blogspot.com...

Apache HTTPD mod_log_config Cookie Handling Denial of Service - High Confidence (CVE-2012-0021)

A denial of service vulnerability has been reported in Apache HTTPD server. The vulnerability is due to a NULL pointer dereference error while logging crafted HTTP requests by modlogconfig. A remote attacker can exploit this issue by continuously sending HTTP requests containing specially crafted...

Scientific Linux Security Update : subversion on SL5.x, SL6.x i386/x86_64 (20130411)

A NULL pointer dereference flaw was found in the way the moddavsvn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. CVE-2013-1849 A flaw was found in the way the moddavsvn module handled large numbers...

Medium: subversion

Issue Overview: A NULL pointer dereference flaw was found in the way the moddavsvn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. CVE-2013-1849 A flaw was found in the way the moddavsvn module handl...

FreeBSD : Subversion -- multiple vulnerabilities (b6beb137-9dc0-11e2-882f-20cf30e32f6d)

Subversion team reports : Subversion's moddavsvn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. Subversion's moddavsvn Apache HTTPD server module will crash when a LOCK request is made against activity URLs...

CVE-2013-0470

HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by listing image files...