CVE-2015-3184

modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...

CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

CVE-2015-3184

modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...

Apache Subversion Sensitive Information Disclosure Vulnerability

Apache Subversion is a free/open source version control system. Apache Subversion modauthzsvn fails to properly handle special paths, allowing remote users to exploit a vulnerability to obtain sensitive information in hidden libraries...

CVE-2015-3184

modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...

UBUNTU-CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

Fedora 21 : subversion-1.8.13-7.fc21 (2015-11795)

This update includes the latest stable release of Apache Subversion, version 1.8.13. Three security vulnerabilities are fixed in this update : - CVE-2015-0202: https://subversion.apache.org/security/CVE-2015-0202-adv isory.txt - CVE-2015-0248: https://subversion.apache.org/security/CVE-2015-0248-...

Apache Subversion Spoofing Vulnerability (May 2015)

Apache Subversion is prone to a spoofing vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:subversion";...

Apache Subversion DoS Vulnerability (May 2015)

Apache Subversion is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache Subversion mod_dav_svn Denial of Service Vulnerability

Apache Subversion is a free/open source version control system. A security vulnerability in the Apache Subversion moddavsvn server allows an attacker to submit an excessive number of REPORT requests for a denial of service attack...

openSUSE Security Update : subversion (openSUSE-2015-289)

Apache Subversion was updated to 1.8.13 to fix three vulnerabilities and a number of non-security bugs. This release fixes three vulnerabilities : - Subversion HTTP servers with FSFS repositories were vulnerable to a remotely triggerable excessive memory use with certain REPORT requests. bsc92379...

Apache Subversion multiple security vulnerabilities

Resources exhaustion, DoS, information spoofing...

Mandriva Linux Security Advisory : subversion (MDVSA-2015:085)

Updated subversion packages fix security vulnerabilities : The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. Ben Reser discovered that Subversion did not...

Apple Xcode < 6.2 (Mac OS X)

The Apple Xcode installed on the remote Mac OS X host is prior to version 6.2. It is, therefore, affected by the following vulnerabilities : - Numerous errors exist related to the bundled version of Apache Subversion. CVE-2014-3522, CVE-2014-3528, CVE-2014-3580, CVE-2014-8108 - An error exists...

Apache Subversion 1.7.x < 1.7.19 / 1.8.x < 1.8.11 Multiple Remote DoS

The remote host is running a version of Apache SVN 1.7.x prior to 1.7.19 or 1.8.x prior to 1.8.11. It is, therefore, affected by multiple denial of service vulnerabilities : - A NULL pointer dereference flaw exists in 'moddavsvn' that is triggered when handling REPORT requests. A remote attacker,...

Apache Subversion DoS

moddavsvn NULL pointer dereference on REPORT request processing...

Apache Subversion < 1.7.19 / 1.8.x < 1.8.11 Multiple DoS

Binary data 8616.prm...

Fedora 21 : subversion-1.8.11-1.fc21 (2014-17118)

This update includes the latest stable release of Apache Subversion, version 1.8.11. Two security issues in moddavsvn are addressed in this release CVE-2014-8108, CVE-2014-3580. For more details, see : http://subversion.apache.org/security/CVE-2014-8108-advisory.txt...

openSUSE Security Update : subversion (openSUSE-SU-2014:1725-1)

This Apache Subversion update fixes the following security and non security issues. - Apache Subversion 1.8.11 - This release addresses two security issues: boo909935 - CVE-2014-3580: moddavsvn DoS from invalid REPORT requests. - CVE-2014-8108: moddavsvn DoS from use of invalid transaction names....

CVE-2014-8108

The moddavsvn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request for a URI that triggers a lookup for a virtual transaction name that does not exist...