// For flags

CVE-2014-0032

subversion: mod_dav_svn crash when handling certain requests with SVNListParentPath on

Severity Score

7.4
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command.

la función get_resource en repos.c en el módulo mod_dav_svn en Apache Subversion anterior a 1.7.15 y 1.8.x anterior a 1.8.6, cuando SVNListParentPath está habilitado, permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores relacionados con la raíz del servidor y solicitudes diferentes a GET, tal como se ha demostrado con el comando "svn ls http://svn.example.com".

The mod_dav_svn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service via an OPTIONS request. Ben Reser discovered that Subversion did not correctly validate SSL certificates containing wildcards. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Bert Huijben discovered that Subversion did not properly handle cached credentials. A malicious server could possibly use this issue to obtain credentials cached for a different server. A NULL pointer dereference flaw was found in the way mod_dav_svn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash mod_dav_svn. A NULL pointer dereference flaw was found in the way mod_dav_svn handled URIs for virtual transaction names. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-03 CVE Reserved
  • 2014-02-14 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (21)
URL Tag Source
http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C52D328AB.8090502%40reser.org%3E Mailing List
http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C871u0gqb0d.fsf%40ntlworld.com%3E Mailing List
http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3CCANvU9scLHr2yOLABW8q6_wNzhEf7pWM=NiavGcobqvUuyhKyAA%40mail.gmail.com%3E Mailing List
http://secunia.com/advisories/60722 Third Party Advisory
http://secunia.com/advisories/61321 Third Party Advisory
http://support.apple.com/kb/HT6444 X_refsource_confirm
http://svn.apache.org/repos/asf/subversion/tags/1.7.15/CHANGES X_refsource_confirm
http://svn.apache.org/repos/asf/subversion/tags/1.8.6/CHANGES X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html X_refsource_confirm
http://www.osvdb.org/102927 Vdb Entry
http://www.securityfocus.com/bid/65434 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90986 Vdb Entry
URL Date SRC
URL Date SRC
http://svn.apache.org/viewvc?view=revision&revision=1557320 2023-11-07
URL Date SRC
http://lists.opensuse.org/opensuse-updates/2014-02/msg00086.html 2023-11-07
http://lists.opensuse.org/opensuse-updates/2014-03/msg00011.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0255.html 2023-11-07
http://secunia.com/advisories/56822 2023-11-07
http://www.ubuntu.com/usn/USN-2316-1 2023-11-07
https://security.gentoo.org/glsa/201610-05 2023-11-07
https://access.redhat.com/security/cve/CVE-2014-0032 2014-03-05
https://bugzilla.redhat.com/show_bug.cgi?id=1062042 2014-03-05
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.8.0
Search vendor "Apache" for product "Subversion" and version "1.8.0"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.8.1
Search vendor "Apache" for product "Subversion" and version "1.8.1"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.8.2
Search vendor "Apache" for product "Subversion" and version "1.8.2"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.8.3
Search vendor "Apache" for product "Subversion" and version "1.8.3"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.8.4
Search vendor "Apache" for product "Subversion" and version "1.8.4"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.8.5
Search vendor "Apache" for product "Subversion" and version "1.8.5"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 <= 1.7.14
Search vendor "Apache" for product "Subversion" and version " <= 1.7.14"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.0
Search vendor "Apache" for product "Subversion" and version "1.7.0"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.1
Search vendor "Apache" for product "Subversion" and version "1.7.1"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.2
Search vendor "Apache" for product "Subversion" and version "1.7.2"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.3
Search vendor "Apache" for product "Subversion" and version "1.7.3"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.4
Search vendor "Apache" for product "Subversion" and version "1.7.4"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.5
Search vendor "Apache" for product "Subversion" and version "1.7.5"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.6
Search vendor "Apache" for product "Subversion" and version "1.7.6"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.7
Search vendor "Apache" for product "Subversion" and version "1.7.7"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.8
Search vendor "Apache" for product "Subversion" and version "1.7.8"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.9
Search vendor "Apache" for product "Subversion" and version "1.7.9"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.10
Search vendor "Apache" for product "Subversion" and version "1.7.10"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.11
Search vendor "Apache" for product "Subversion" and version "1.7.11"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.12
Search vendor "Apache" for product "Subversion" and version "1.7.12"
-
Affected
Apache
Search vendor "Apache"
 Subversion
Search vendor "Apache" for product "Subversion"
 1.7.13
Search vendor "Apache" for product "Subversion" and version "1.7.13"
-
Affected