385 matches found
DEBIAN-CVE-2014-8108
The moddavsvn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request for a URI that triggers a lookup for a virtual transaction name that does not exist...
CVE-2014-3580
The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a REPORT request for a resource that does not exist...
DEBIAN-CVE-2014-3580
The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a REPORT request for a resource that does not exist...
CVE-2014-8108
The moddavsvn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request for a URI that triggers a lookup for a virtual transaction name that does not exist...
CVE-2014-8108
The CVE-2014-8108 issue affects the Apache Subversion mod_dav_svn module. According to connected docs, Subversion 1.7.x is vulnerable before 1.7.19 and 1.8.x is vulnerable before 1.8.11, where a remote attacker can trigger a NULL pointer dereference by requesting a URI that causes a lookup for a ...
CVE-2014-3580
The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a REPORT request for a resource that does not exist...
CVE-2014-3580
The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a REPORT request for a resource that does not exist...
CVE-2014-8108
The moddavsvn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request for a URI that triggers a lookup for a virtual transaction name that does not exist...
CVE-2014-3580
The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a REPORT request for a resource that does not exist...
UBUNTU-CVE-2014-8108
The moddavsvn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request for a URI that triggers a lookup for a virtual transaction name that does not exist...
Apache Subversion Module Metadata Accessible - Active Check
Apache Subversion Module Metadata accessible via HTTP. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache Subversion Server Unsupported Version Detection (deprecated)
This plugin has been deprecated. For plugins which identify unsupported instances of this product, search the plugin feed for Subversion Server SEoL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid78507; scriptversion"1.9";...
Apache Subversion Client Unsupported Version Detection (deprecated)
This plugin has been deprecated. For plugins which identify unsupported instances of this product, search the plugin feed for Subversion Client SEoL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid78506; scriptversion"1.9";...
Amazon Linux AMI : subversion (ALAS-2014-413)
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. C Tenabl...
Medium: subversion
Issue Overview: The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted...
Fedora 20 : subversion-1.8.10-1.fc20 (2014-9636)
This update includes the latest stable release of Apache Subversion, version 1.8.10. Client-side bugfixes: - guard against md5 hash collisions when finding cached credentials - raserf: properly match wildcards in SSL certs. - raserf: ignore the CommonName in SSL certs where there are Subject Alt...
Fedora 19 : subversion-1.7.18-1.fc19 (2014-9521)
This update includes the latest stable release of Apache Subversion 1.7, version 1.7.18, fixing a minor security issue. Client-side bugfixes: - guard against md5 hash collisions when finding cached credentials CVE-2014-3528. See : http://subversion.apache.org/security/CVE-2014-3528-advisory.txt...
CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...
CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...
CVE-2014-3528
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm...