9 matches found
SUSE CVE-2015-5259
Integer overflow in the readstring function in libsvnrasvn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read...
Amazon Linux AMI : mod_dav_svn / subversion (ALAS-2016-676)
It was found that when an SVN server both svnserve and httpd with the moddavsvn module searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable for example, if it had been moved. CVE-2015-3187 An integer overflow wa...
CVE-2015-5259
Integer overflow in the readstring function in libsvnrasvn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read...
GLSA-200406-07 : Subversion: Remote heap overflow
The remote host is affected by the vulnerability described in GLSA-200406-07 Subversion: Remote heap overflow The svn protocol parser trusts the indicated length of a URI string sent by a client. This allows a client to specify a very long string, thereby causing svnserve to allocate enough memor...
Fedora Core 1 : subversion-0.32.1-5 (2004-165)
A heap overflow vulnerability was discovered in the svn:// protocol handling library, libsvnrasvn. If using the svnserve daemon, an unauthenticated client may be able execute arbitrary code as the user the daemon runs as. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned...
Fedora Core 2 : subversion-1.0.4-2 (2004-166)
A heap overflow vulnerability was discovered in the svn:// protocol handling library, libsvnrasvn. If using the svnserve daemon, an unauthenticated client may be able execute arbitrary code as the user the daemon runs as. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned...
CVE-2004-0397
Stack-based buffer overflow during the aprtimet data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a 1 DAV2 REPORT query or 2 get-dated-rev svn-protocol command...
CVE-2004-0397
Stack-based buffer overflow during the aprtimet data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a 1 DAV2 REPORT query or 2 get-dated-rev svn-protocol command...
CVE-2004-0397
Stack-based buffer overflow during the aprtimet data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a 1 DAV2 REPORT query or 2 get-dated-rev svn-protocol command...