Page 4 of 25 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 37EXPL: 0

CVE-2013-1968 – format): Filenames with newline character can lead to revision corruption

https://notcve.org/view.php?id=CVE-2013-1968

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name. Subversion anterior a 1.6.23 y 1.7.x anterior a 1.7.10, permite a usuarios autenticados remotamente provocar una denegación de servicio (corrupción del repositorio FSF) a través de un carácter de nueva línea en un nombre de archivo. • http://lists.opensuse.org/opensuse-updates/2013-07/msg00015.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E http://rhn.redhat.com/errata/RHSA-2014-0255.html http://www.debian.org/security/2013/dsa-2703 http://www.ubuntu.com/usn/USN-1893-1 https://oval.cisecurity • CWE-138: Improper Neutralization of Special Elements •

CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0

CVE-2013-2112 – subversion: Remote DoS due improper handling of early-closing TCP connections

https://notcve.org/view.php?id=CVE-2013-2112

The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection. El servidor svnserve en Subversion anterior a 1.6.23 y 1.7.x anterior a 1.7.10, permite a atacantes remotos provocar una denegación de servicio (salida) terminando una conexión. • http://lists.opensuse.org/opensuse-updates/2013-07/msg00015.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E http://rhn.redhat.com/errata/RHSA-2014-0255.html http://www.debian.org/security/2013/dsa-2703 http://www.ubuntu.com/usn/USN-1893-1 https://oval.cisecurity •

CVSS: 4.0EPSS: 0%CPEs: 32EXPL: 0

CVE-2013-1846 – (mod_dav_svn): DoS (crash) via LOCK requests against an activity URL

https://notcve.org/view.php?id=CVE-2013-1846

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL. El modulo mod_dav_svn Apache HTTPD server en Subversion v1.6.x hasta v1.6.21 y v1.7.0 hasta v1.7.8 permite a usuarios remotos autenticados causar una denegación de servicio (referencia NULL y caída de la aplicación) a través de un bloqueo en una URL vigente. • http://lists.opensuse.org/opensuse-updates/2013-04/msg00095.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00069.html http://mail-archives.apache.org/mod_mbox/subversion-announce/201304.mbox/%3CCADkdwvRoyVrZV12tgC0FMGrc6%2BMisd3qTcZ%2BDdpFGgTahkgAkQ%40mail.gmail.com%3E http://mail-archives.apache.org/mod_mbox/subversion-announce/201304.mbox/%3CCADkdwvSTMLbn4q_KM3Ph2UOeSiPGhEK4%3DSvwEjaHW_GUGkYWPQ%40mail.gmail.com%3E http://rhn.redhat.com/errata/RHSA-2013-0737.html http://subversion.apache.org/security/CVE-201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 1%CPEs: 112EXPL: 0

CVE-2011-0715 – (mod_dav_svn): DoS (NULL ptr deref) by a lock token sent from a not authenticated Subversion client

https://notcve.org/view.php?id=CVE-2011-0715

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. El módulo mod_dav_svn para el servidor Apache HTTP, como el distribuido en Apache Subversion antes de v1.6.16, permite a atacantes remotos provocar una denegación de servicio (desreferenciar de puntero NULL y caída de demonio) a través de una solicitud que contiene un token de bloqueo. • http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://secunia.com/advisories/43583 http://secunia.com/advisories/43603 http://secunia.com/advisories/43672 http: •

CVSS: 6.8EPSS: 1%CPEs: 111EXPL: 1

CVE-2010-4539 – (mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser

https://notcve.org/view.php?id=CVE-2010-4539

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections. La función walk en repos.c en el módulo mod_dav_svn para el servidor Apache HTTP, como los distribuidos en Apache Subversion anteriores a v1.6.15, permite a usuarios remotos autenticados causar una denegación de servicio (desreferencia a puntero NULL y caída del demonio) a través de vectores que provocan el seguimiento de Las colecciones SVNParentPath. • http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E http://openwall.com/lists/oss-security/2011/01/02/1 http://openwall.com/list • CWE-399: Resource Management Errors •