subversion: NULL pointer dereference flaw in mod_dav_svn when handling REPORT requests

A NULL pointer dereference flaw was found in the way the moddavsvn module handled REPORT requests. A remote, unauthenticated attacker could use a specially crafted REPORT request to crash moddavsvn...

(mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control

The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is enabled, allows remote attackers to cause a denial of service infinite loop and memory consumption in opportunistic circumstances by...

(mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser

The walk function in repos.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via vectors that trigger the walking of SVNParentPath...