Page 3 of 33 results (0.015 seconds)

CVSS: 6.5EPSS: 0%CPEs: 84EXPL: 0

Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory. El módulo mod_dontdothat y los clientes HTTP en su versión 1.4.0 hasta la 1.8.16 y 1.9.0 hasta la 1.9.4 de Apache Subversion son vulnerables a un ataque de denegación de servicio (DoS) provocado por la expansión exponencial de la entidad XML. El ataque puede provocar que el proceso objetivo consuma una cantidad excesiva de recursos de la CPU o memoria. • http://www.debian.org/security/2017/dsa-3932 http://www.securityfocus.com/bid/94588 http://www.securitytracker.com/id/1037361 https://lists.apache.org/thread.html/7798f5cda1b2a3c70db4be77694b12dec8fcc1a441b00009d44f0e09%40%3Cannounce.apache.org%3E https://subversion.apache.org/security/CVE-2016-8734-advisory.txt https://www.oracle.com/security-alerts/cpuoct2020.html • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0

The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. La función canonicalize_username en svnserve/cyrus_auth.c en Apache Subversion en versiones anteriores a 1.8.16 y 1.9.x en versiones anteriores a 1.9.4, cuando se utiliza autenticación Cyrus SASL, permite a atacantes remotos autenticarse y eludir restricciones destinadas al acceso a través de una cadena realm que se prefija a un repositorio de cadena realm esperado. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00044.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgJet+7_MAhomFVOXPgLtewcUw9w=k9zdPCkq5tvPxVMA%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ%40mail.gmail.com%3E http://subversion.apa • CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 6%CPEs: 5EXPL: 0

The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. La función req_check_access en el módulo mod_authz_svn en el servidor httpd en Apache Subversion en versiones anteriores a 1.8.16 y 1.9.x en versiones anteriores a 1.9.4 permite a usuarios remotos autenticados provocar una denegación de servicio (referencia a puntero NULL y caída) a través de una cabecera manipulada en una petición (1) MOVE o (2) COPY, involucrando una verificación de autorización. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184545.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00044.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgJet+7_MAhomFVOXPgLtewcUw9w=k9zdPCkq5tvPxVMA%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ%40mail.gmail.com%3E http://subversion.apa •

CVSS: 4.0EPSS: 0%CPEs: 14EXPL: 0

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Vulnerabilidad en la función svn_repos_trace_node_locations en Apache Subversion en versiones anteriores a 1.7.21 y 1.8.x en versiones anteriores a 1.8.14, cuando se utiliza autorización basada en ruta, permite a usuarios remotos autenticados obtener información de ruta sensible leyendo el historial de un nodo que ha sido movido desde una ruta oculta. It was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved). • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00022.html http://rhn.redhat.com/errata/RHSA-2015-1633.html http://rhn.redhat.com/errata/RHSA-2015-1742.html http://subversion.apache.org/security/CVE-2015-3187-advisory.txt http://www.debian.org/security/2015/dsa-3331 http://www.securityfocus.com/bid/76273 http://www.securitytracker.com/id/1033215 http://www.ubuntu.com/usn/USN-2721-1 https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 1%CPEs: 96EXPL: 0

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist. El módulo mod_dav del servidor Apache HTTPD en Apache Subversion 1.7.x anterior a 1.7.19 y 1.8.x anterior a 1.8.11 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída) a través de una petición a una URI que dispara una búsqueda para un nombre de transacción virtual que no existe. A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled certain requests for URIs that trigger a lookup of a virtual transaction name. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash. • http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html http://rhn.redhat.com/errata/RHSA-2015-0166.html http://secunia.com/advisories/61131 http://subversion.apache.org/security/CVE-2014-8108-advisory.txt http://www.securityfocus.com/bid/71725 http://www.ubuntu.com/usn/USN-2721-1 https://support.apple.com/HT204427 https://access.redhat.com/security/cve/CVE-2014-8108 https://bugzilla.redhat.com/show_bug.cgi?id=1174057 • CWE-476: NULL Pointer Dereference •