EUVD-2013-6247

The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...

EUVD-2013-1893

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

Debian DSA-558-1 : libapache-mod-dav - NULL pointer dereference

Julian Reschke reported a problem in moddav of Apache 2 in connection with a NULL pointer dereference. When running in a threaded model, especially with Apache 2, a segmentation fault can take out a whole process and hence create a denial of service for the whole server. %NASLMINLEVEL 70300 C...

CVE-2004-0809

The moddav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service child process crash via a certain sequence of LOCK requests for a location that allows WebDAV authoring access...

FreeBSD : mod_dav -- lock related denial-of-service (15)

The following package needs to be updated: apache %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg013fa252072411d9b45d000c41e2cdad.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

Security Update: [CSSA-2003-007.0] Linux: Apache mod_dav module format string vulnerability

To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: Linux: Apache moddav module format string vulnerability Advisory number: CSSA-2003-007.0 Issue date: 2003 February 17 Cross reference: 1...

Apache mod_dav module vulnerable to DoS

Overview A denial-of-service vulnerability exists in Apache moddav. Description moddav is an Apache module. This module enables Apache web servers to provide users the ability to edit and manage files on a remote web server using the HTTP protocol. A vulnerability in moddav may allow an attacker ...

CVE-2002-1593

moddav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service CPU consumption in a preforked multi-processing module...

Apache Httpd < 2.0.42 : mod_dav crash

A flaw was found in handling of versioning hooks in moddav. An attacker could send a carefully crafted request in such a way to cause the child process handling the connection to crash. This issue will only result in a denial of service where a threaded process model is in use...