Lucene search

[email protected]NVD:CVE-2015-0248

HistoryApr 08, 2015 - 6:59 p.m.

CVE-2015-0248

2015-04-0818:59:01

CWE-399

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.8%

JSON

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

Affected configurations

NVD

Node

apachesubversionMatch1.6.0

apachesubversionMatch1.6.1

apachesubversionMatch1.6.2

apachesubversionMatch1.6.3

apachesubversionMatch1.6.4

apachesubversionMatch1.6.5

apachesubversionMatch1.6.6

apachesubversionMatch1.6.7

apachesubversionMatch1.6.8

apachesubversionMatch1.6.9

apachesubversionMatch1.6.10

apachesubversionMatch1.6.11

apachesubversionMatch1.6.12

apachesubversionMatch1.6.13

apachesubversionMatch1.6.14

apachesubversionMatch1.6.15

apachesubversionMatch1.6.16

apachesubversionMatch1.6.17

apachesubversionMatch1.6.18

apachesubversionMatch1.6.19

apachesubversionMatch1.6.20

apachesubversionMatch1.6.21

apachesubversionMatch1.6.23

apachesubversionMatch1.7.0

apachesubversionMatch1.7.1

apachesubversionMatch1.7.2

apachesubversionMatch1.7.3

apachesubversionMatch1.7.4

apachesubversionMatch1.7.5

apachesubversionMatch1.7.6

apachesubversionMatch1.7.7

apachesubversionMatch1.7.8

apachesubversionMatch1.7.9

apachesubversionMatch1.7.10

apachesubversionMatch1.7.11

apachesubversionMatch1.7.12

apachesubversionMatch1.7.13

apachesubversionMatch1.7.14

apachesubversionMatch1.7.15

apachesubversionMatch1.7.16

apachesubversionMatch1.7.17

apachesubversionMatch1.7.18

apachesubversionMatch1.7.19

apachesubversionMatch1.8.0

apachesubversionMatch1.8.1

apachesubversionMatch1.8.2

apachesubversionMatch1.8.3

apachesubversionMatch1.8.4

apachesubversionMatch1.8.5

apachesubversionMatch1.8.6

apachesubversionMatch1.8.7

apachesubversionMatch1.8.8

apachesubversionMatch1.8.9

apachesubversionMatch1.8.10

apachesubversionMatch1.8.11

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

applexcodeMatch7.0

Node

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_hpc_nodeMatch6

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_server_eusMatch6.7.z

redhatenterprise_linux_workstationMatch6.0

Node

oraclesolarisMatch11.3

References

lists.apple.com/archives/security-announce/2015/Sep/msg00002.html

lists.opensuse.org/opensuse-updates/2015-04/msg00008.html

rhn.redhat.com/errata/RHSA-2015-1633.html

rhn.redhat.com/errata/RHSA-2015-1742.html

subversion.apache.org/security/CVE-2015-0248-advisory.txt

www.debian.org/security/2015/dsa-3231

www.mandriva.com/security/advisories?name=MDVSA-2015:192

www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

www.securityfocus.com/bid/74260

www.securitytracker.com/id/1033214

www.ubuntu.com/usn/USN-2721-1

security.gentoo.org/glsa/201610-05

support.apple.com/HT205217

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.8%

JSON

Related for NVD:CVE-2015-0248

ubuntucve1 cve1 debiancve1 cvelist1 openvas14 prion1 veracode3 debian3 nessus20 osv2 freebsd1 f52 fedora1 redhat2 amazon1 securityvulns5 centos2 oraclelinux2 mageia1 ics1 ubuntu1 suse1 gentoo1