6 matches found
CVE-2011-1752
This CVE affects Subversion 1.6.x prior to 1.6.17, specifically the mod_dav_svn Apache module. The root cause is a NULL pointer dereference when handling baselined WebDAV resource requests, allowing remote attackers to cause a denial of service (daemon crash). The issue is noted as exploited in t...
CVE-2011-1783
The CVE-2011-1783 issue affects the mod_dav_svn Apache module distributed with Apache Subversion 1.5.x and 1.6.x up to 1.6.17. When SVNPathAuthz short_circuit is enabled, a remote attacker can trigger an infinite loop that leads to memory consumption and, in opportunistic circumstances, a denial ...
CVE-2010-4539
CVE-2010-4539 affects Apache Subversion's mod_dav_svn in versions shipped with Subversion prior to 1.6.15. The vulnerability is caused by a flaw in the walk function (repos.c) when processing SVNParentPath collections, allowing remote authenticated users to trigger a NULL pointer dereference and ...
CVE-2011-0715
Summary: CVE-2011-0715 affects the Subversion mod_dav_svn module in Apache HTTP Server. Affected software/versions: Apache Subversion prior to 1.6.16 (mod_dav_svn). Root cause: Remote attacker can trigger a NULL pointer dereference in the module when handling lock tokens. Impact: Denial of servic...
CVE-2011-1921
CVE-2011-1921 affects the Subversion mod_dav_svn Apache module in Subversion 1.5.x/1.6.x before 1.6.17. When SVNPathAuthz short_circuit is disabled, it fails to enforce permissions for files that were publicly readable in the past, allowing remote attackers to read sensitive information via a rep...
CVE-2010-4644
CVE-2010-4644 : In Apache Subversion, memory leaks in rev_hunt.c for versions before 1.6.15 can be exploited by remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. Multiple connected advisories (e.g., MiracleLinux A...