Computer Security
[EN] securityvulns.ru no-pyccku


Apache Subversion multiple security vulnerabilities
Published:07.04.2015
Source:
SecurityVulns ID:14353
Type:remote
Description:Resources exhaustion, DoS, information spoofing.
Affected:APACHE : Subversion 1.8
CVE:CVE-2015-0251 (The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.)
 CVE-2015-0248 (The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.)
 CVE-2015-0202 (The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:192 ] subversion (07.04.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod