Page 4 of 33 results (0.006 seconds)

CVSS: 5.0EPSS: 1%CPEs: 103EXPL: 0

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist. El módulo mod_dav_svn Apache HTTPD del servidor Apache Subversion 1.x anterior a 1.7.19 y 1.8.x anterior a 1.8.11 permite a atacantes remotos llevar a cabo una denegación de servicio (referencia a puntero nulo y caída de servidor) mediante una petición REPORT para un recurso inexistente. A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled REPORT requests. A remote, unauthenticated attacker could use a specially crafted REPORT request to crash mod_dav_svn. • http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html http://rhn.redhat.com/errata/RHSA-2015-0165.html http://rhn.redhat.com/errata/RHSA-2015-0166.html http://secunia.com/advisories/61131 http://subversion.apache.org/security/CVE-2014-3580-advisory.txt http://www.debian.org/security/2014/dsa-3107 http://www.securityfocus.com/bid/71726 http://www.ubuntu.com/usn/USN-2721-1 https://support.apple.com/HT204427 https://access.redhat.com/security/cve/C • CWE-476: NULL Pointer Dereference •

CVSS: 4.0EPSS: 0%CPEs: 94EXPL: 0

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. Las funciones (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate en Serf 0.2.0 hasta 1.3.x anterior a 1.3.7 no manejan debidamente un byte NUL en un nombre de dominio en el campo del asunto Common Name (CN) de un certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL arbitrarios a través de un certificado manipulado emitido por una autoridad de certificación legítima. • http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html http://secunia.com/advisories/59584 http://secunia.com/advisories/60721 http://ubuntu.com/usn/usn-2315-1 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/69238 https://groups.google.com/forum/#%21topic/serf-dev/NvgPoK6sFsc https://security.gentoo.org/glsa/201610-05 https://subversion.apache.org/security/CVE-2014-3522-advisory.txt •

CVSS: 4.0EPSS: 0%CPEs: 103EXPL: 0

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm. Apache Subversion 1.0.0 hasta 1.7.x anterior a 1.7.17 y 1.8.x anterior a 1.8.10 utiliza un hash MD5 de la URL y el reino (realm) de la autenticación para almacenar las credenciales de caché, lo que facilita a servidores remotos obtener credenciales a través de un reino (realm) de la autenticación manipulado. It was discovered that Subversion clients retrieved cached authentication credentials using the MD5 hash of the server realm string without also checking the server's URL. A malicious server able to provide a realm that triggers an MD5 collision could possibly use this flaw to obtain the credentials for a different realm. • http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-0165.html http://rhn.redhat.com/errata/RHSA-2015-0166.html http://secunia.com/advisories/59432 http://secunia.com/advisories/59584 http://secunia.com/advisories/60722 http://subversion.apache.org/security/CVE-2014-3528-advisory.txt http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html ht • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-255: Credentials Management Errors •

CVSS: 4.0EPSS: 0%CPEs: 72EXPL: 0

The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. La capa Serf RA en Apache Subversion 1.4.0 hasta 1.7.x anterior a 1.7.18 y 1.8.x anterior a 1.8.10 no maneja debidamente los comodines (wildcards) en el campo Common Name (CN) o subjectAltName de un certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores a través de un certificado manipulado. • http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html http://secunia.com/advisories/59432 http://secunia.com/advisories/59584 http://secunia.com/advisories/60100 http://secunia.com/advisories/60722 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.osvdb.org/109996 http://www.securityfocus.com/bid/69237 http://www.ubuntu.com/usn/USN-2316-1 https://exchange • CWE-297: Improper Validation of Certificate with Host Mismatch •

CVSS: 4.3EPSS: 10%CPEs: 21EXPL: 0

The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command. la función get_resource en repos.c en el módulo mod_dav_svn en Apache Subversion anterior a 1.7.15 y 1.8.x anterior a 1.8.6, cuando SVNListParentPath está habilitado, permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores relacionados con la raíz del servidor y solicitudes diferentes a GET, tal como se ha demostrado con el comando "svn ls http://svn.example.com". • http://lists.opensuse.org/opensuse-updates/2014-02/msg00086.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00011.html http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C52D328AB.8090502%40reser.org%3E http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C871u0gqb0d.fsf%40ntlworld.com%3E http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3CCANvU9scLHr2yOLABW8q6_wNzhEf7pWM=NiavGcobqvUuyhKyAA%40mail.gmail.com%3E http://rhn.redhat.com/errata/ • CWE-20: Improper Input Validation •