Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.21 views

openSUSE Security Update : subversion (openSUSE-SU-2013:1860-1)

This update fixes the following issues with subversion : - bnc850747: update to 1.7.14 - CVE-2013-4505: moddontdothat does not restrict requests from serf clients. - CVE-2013-4558: moddavsvn assertion triggered by autoversioning commits. + Client- and server-side bugfixes : - fix assertion on url...

3.5CVSS7.7AI score0.07858EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.32 views

openSUSE Security Update : subversion (openSUSE-SU-2013:1836-1)

This update fixes the following issues with subversion CVE-2013-4505,CVE-2013-4558 : - bnc850747: update to 1.8.5 - CVE-2013-4505: moddontdothat does not restrict requests from serf clients. - CVE-2013-4558: moddavsvn assertion triggered by autoversioning commits. + Client-side bugfixes : - fix...

3.5CVSS7.7AI score0.07858EPSS
Exploits0References5
securityvulns
securityvulns
added 2014/03/02 12:0 a.m.135 views

[slackware-security] subversion (SSA:2014-058-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2014-058-01 New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

4.3CVSS8.4AI score0.11052EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/02/05 12:0 a.m.28 views

Fedora Update for subversion FEDORA-2013-22575

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/12/20 12:0 a.m.39 views

Apache Subversion 1.4.x - 1.7.13 / 1.8.x < 1.8.5 Multiple DoS

The installed version of Subversion Server is affected by multiple denial of service vulnerabilities : - An error exists related to the 'moddontdothat' module and handling relative URLs sent from serf-based clients. CVE-2013-4505 - An error exists related to the 'moddavsvn' module and handling...

3.5CVSS7.8AI score0.07858EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/12/18 12:0 a.m.25 views

Mandriva Linux Security Advisory : subversion (MDVSA-2013:288)

Updated subversion package fixes security vulnerabilities : moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many case...

3.5CVSS7.7AI score0.07858EPSS
Exploits0References3
OSV
OSV
added 2013/12/07 8:55 p.m.7 views

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

2.6CVSS6.5AI score0.07858EPSS
Exploits0References6
OSV
OSV
added 2013/12/07 8:55 p.m.2 views

DEBIAN-CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

2.6CVSS7AI score0.07858EPSS
Exploits0References1
CVE
CVE
added 2013/12/07 8:0 p.m.73 views

CVE-2013-4505

CVE-2013-4505 affects Apache Subversion: is_this_legal bypasses access restrictions in mod_dontdothat, enabling a remote attacker to trigger resource consumption/DoS via a crafted relative URL in a REPORT request for Subversion 1.4.0–1.7.13 and 1.8.0–1.8.4. Public advisories and OpenVAS/Nessus pl...

2.6CVSS6.5AI score0.07858EPSS
Exploits0References5Affected Software2
Debian CVE
Debian CVE
added 2013/12/07 8:0 p.m.23 views

CVE-2013-4505

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...

2.6CVSS5.2AI score0.07858EPSS
Exploits0
Rows per page
Query Builder