CVE-2013-1846

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...

CVE-2013-1849

The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...

CVE-2013-1847

The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...

CVE-2013-1849

The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...

CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

CVE-2013-1847

The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...

CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

Null pointer dereference

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...

CVE-2013-1845

CVE-2013-1845 affects Subversion, specifically mod_dav_svn, where a remote authenticated user can trigger a denial of service by setting or deleting a large number of properties. Vulnerable versions are Subversion 1.6.x prior to 1.6.21 and 1.7.0 through 1.7.8. The issue causes memory exhaustion/D...

CVE-2013-1884

CVE-2013-1884 affects Subversion's mod_dav_svn for Apache httpd. In Subversion 1.7.0–1.7.8, a log REPORT request with an invalid limit can trigger an access of an uninitialized variable, causing a denial of service (segmentation fault/crash). Exploitation context: remote attacker via HTTP. The re...

CVE-2013-1846

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...

CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

CVE-2013-1846

CVE-2013-1846 affects Subversion’s mod_dav_svn (Apache httpd). Priviledge: remote authenticated user. Vulnerable: Subversion 1.6.x before 1.6.21 and 1.7.0–1.7.8; impact: crashes via LOCK requests against activity URLs (denial of service). Mitigation: upgrade to Subversion 1.6.21 or 1.7.9 (or late...

CVE-2013-1849

Subversion's mod_dav_svn (Apache httpd) is affected by CVE-2013-1849: a denial-of-service caused by a NULL pointer dereference triggered by a PROPFIND request for an activity URL. Affected versions are Subversion 1.6.x up to 1.6.20 and 1.7.0 through 1.7.8. No explicit patch or fixed version is pr...

CVE-2013-1845

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service memory consumption by 1 setting or 2 deleting a large number of properties for a file or directory...

CVE-2013-1849

The moddavsvn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a PROPFIND request for an activity URL...

CVE-2013-1884

The moddavsvn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service segmentation fault and crash via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable...

Mandriva Linux Security Advisory : subversion (MDVSA-2013:153)

Multiple vulnerabilities has been found and corrected in subversion : Subversion's moddavsvn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem being...

Apache HTTPD mod_log_config Cookie Handling Denial of Service - High Confidence (CVE-2012-0021)

A denial of service vulnerability has been reported in Apache HTTPD server. The vulnerability is due to a NULL pointer dereference error while logging crafted HTTP requests by modlogconfig. A remote attacker can exploit this issue by continuously sending HTTP requests containing specially crafted...

FreeBSD : Subversion -- multiple vulnerabilities (b6beb137-9dc0-11e2-882f-20cf30e32f6d)

Subversion team reports : Subversion's moddavsvn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. Subversion's moddavsvn Apache HTTPD server module will crash when a LOCK request is made against activity URLs...