4 matches found
Subversion svn Protocol String Parsing (CVE-2004-0413)
Subversion is a revision control system that handles svn protocol requests. A specially crafted svn request could cause svnserve, the daemon that handles svn protocol requests, to allocate insufficient heap memory and overflow the heap. It is possible for a malicious attacker to run arbitrary cod...
CVE-2004-0413
libsvnrasvn in Subversion 1.0.4 trusts the length field of 1 svn://, 2 svn+ssh://, and 3 other svn protocol URL strings, which allows remote attackers to cause a denial of service memory consumption and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer...
Fedora Core 1 : subversion-0.32.1-5 (2004-165)
A heap overflow vulnerability was discovered in the svn:// protocol handling library, libsvnrasvn. If using the svnserve daemon, an unauthenticated client may be able execute arbitrary code as the user the daemon runs as. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned...
CVE-2004-0413
CVE-2004-0413 affects Subversion 1.0.4 libraries (libsvn_ra_svn). The vulnerability arises because libsvn_ra_svn trusts the length field of svn://, svn+ssh://, and other svn protocol URL strings, enabling a remote attacker to trigger an integer overflow that leads to a heap-based buffer overflow....