CVE-2014-0032

The getresource function in repos.c in the moddavsvn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via vectors related to the server root and request methods other than GET, as...

CVE-2014-0032

The getresource function in repos.c in the moddavsvn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via vectors related to the server root and request methods other than GET, as...

Fedora 20 : subversion-1.8.5-2.fc20 (2013-22575)

This update includes the latest stable release of Apache Subversion 1.8, version 1.8.5. Two security fixes are included : moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based...

Amazon Linux AMI : subversion (ALAS-2013-269)

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request. The getparentresource...

Medium: subversion

Issue Overview: The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request. The...

Fedora 19 : subversion-1.7.14-1.fc19 (2013-22208)

This update includes the latest stable release of Apache Subversion 1.7, version 1.7.14. Two security fixes are included : moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based...

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

Design/Logic Flaw

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

Design/Logic Flaw

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

UBUNTU-CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

CVE-2013-4277

CVE-2013-4277 affects Svnserve in Apache Subversion; affected versions are 1.4.0–1.7.12 and 1.8.0–1.8.1. Local users can overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option. Root cause: symlink race on pid-file handling. Impact...

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

Fedora 19 : subversion-1.7.13-1.fc19 (2013-15717)

This update includes the latest stable release of Apache Subversion 1.7, version 1.7.13. One security vulnerability is fixed in this update : svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has...

CVE-2013-4246

libsvnfsfs/fsfs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties...