CVE-2011-1783

(mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.

El módulo mod_dav_svn para Apache HTTP Server, como se distribuye en Apache Subersion v1.5.x y v1.6.x antes de 1.6.17, cuando la opción SVNPathAuthz short_circuit está habilitada permite a atacantes remotos a causar una denegación de servicio (bucle infinito y consumo de memoria) mediante la petición de datos en circunstancias oportunistas.

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An infinite loop flaw was found in the way the mod_dav_svn module processed certain data sets. If the SVNPathAuthz directive was set to "short_circuit", and path-based access control for files and directories was enabled, a malicious, remote user could use this flaw to cause the httpd process serving the request to consume an excessive amount of system memory. Various other issues were also addressed.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-06-02 CVE Published
2011-04-19 CVE Reserved
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (20)

URL	Tag	Source
http://secunia.com/advisories/44633	Third Party Advisory
http://secunia.com/advisories/44681	Third Party Advisory
http://secunia.com/advisories/44849	Third Party Advisory
http://secunia.com/advisories/44888	Third Party Advisory
http://secunia.com/advisories/45162	Third Party Advisory
http://support.apple.com/kb/HT5130	Third Party Advisory
http://www.securityfocus.com/bid/48091	Third Party Advisory
http://www.securitytracker.com/id?1025618	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18889	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html	2020-10-05
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html	2020-10-05
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html	2020-10-05
http://subversion.apache.org/security/CVE-2011-1783-advisory.txt	2020-10-05
http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES	2020-10-05
http://www.debian.org/security/2011/dsa-2251	2020-10-05
http://www.mandriva.com/security/advisories?name=MDVSA-2011:106	2020-10-05
http://www.redhat.com/support/errata/RHSA-2011-0862.html	2020-10-05
http://www.ubuntu.com/usn/USN-1144-1	2020-10-05
https://bugzilla.redhat.com/show_bug.cgi?id=709112	2011-06-08
https://access.redhat.com/security/cve/CVE-2011-1783	2011-06-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				>= 1.5.0 <= 1.5.8 Search vendor "Apache" for product "Subversion" and version " >= 1.5.0 <= 1.5.8"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				>= 1.6.0 < 1.6.17 Search vendor "Apache" for product "Subversion" and version " >= 1.6.0 < 1.6.17"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				10.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.10"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				11.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "11.04"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				5.0 Search vendor "Debian" for product "Debian Linux" and version "5.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				6.0 Search vendor "Debian" for product "Debian Linux" and version "6.0"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				14 Search vendor "Fedoraproject" for product "Fedora" and version "14"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				15 Search vendor "Fedoraproject" for product "Fedora" and version "15"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				< 10.7.3 Search vendor "Apple" for product "Mac Os X" and version " < 10.7.3"		-		Affected