5725 matches found
CVE-2011-1921
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...
CVE-2011-1921
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...
CVE-2011-1783
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is enabled, allows remote attackers to cause a denial of service infinite loop and memory consumption in opportunistic circumstances by...
CVE-2011-1752
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request for a baselined WebDAV resource, as exploited in the wild in May 2011...
Null pointer dereference
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request for a baselined WebDAV resource, as exploited in the wild in May 2011...
Design/Logic Flaw
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...
Design/Logic Flaw
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is enabled, allows remote attackers to cause a denial of service infinite loop and memory consumption in opportunistic circumstances by...
CVE-2011-1783
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is enabled, allows remote attackers to cause a denial of service infinite loop and memory consumption in opportunistic circumstances by...
CVE-2011-1921
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...
CVE-2011-1752
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request for a baselined WebDAV resource, as exploited in the wild in May 2011...
CVE-2011-1921
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...
CVE-2011-1752
This CVE affects Subversion 1.6.x prior to 1.6.17, specifically the mod_dav_svn Apache module. The root cause is a NULL pointer dereference when handling baselined WebDAV resource requests, allowing remote attackers to cause a denial of service (daemon crash). The issue is noted as exploited in t...
CVE-2011-1921
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...
CVE-2011-1752
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request for a baselined WebDAV resource, as exploited in the wild in May 2011...
CVE-2011-1783
The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is enabled, allows remote attackers to cause a denial of service infinite loop and memory consumption in opportunistic circumstances by...
CVE-2011-1928
The fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service infinite loop via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
Code injection
The fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service infinite loop via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
CVE-2011-1928
The fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service infinite loop via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
RedHat Update for apr RHSA-2011:0507-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
DEBIAN-CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...