Lucene search

K

Kaspersky LabKLA10069

HistoryJul 12, 2013 - 12:00 a.m.

KLA10069 DoS vulnerability in Apache Subversion

2013-07-1200:00:00

Kaspersky Lab

threats.kaspersky.com

18

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.022

Percentile

89.5%

An assertion failure vulnerability was found in Apache Subversion. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to mod_dav_svn via a specially designed URL.

Original advisories

Apache bulletin

Related products

Apache-Subversion

CVE list

CVE-2013-4558 warning

Solution

Update to latest version

Impacts

DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

Apache Subversion versions 1.7.11 to 1.7.13 and 1.8.1 to 1.8.4

References

statistics.securelist.com/

subversion.apache.org/security/CVE-2013-4558-advisory.txt

threats.kaspersky.com/en/product/Apache-Subversion/

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.022

Percentile

89.5%

Related for KLA10069

cve1 nvd1 prion1 ubuntucve1 debiancve1 cvelist1 openvas9 nessus10 fedora3 mageia1 freebsd1 amazon1 securityvulns3 slackware1 osv1