Lucene search
RootSSV:20603HistoryJun 04, 2011 - 12:00 a.m.
Subversion 'mod_dav_svn'拒绝服务和信息泄露漏洞
2011-06-0400:00:00
Root
www.seebug.org
16
0.007 Low
EPSS
Percentile
80.7%
Bugtraq ID: 48091
CVE ID:CVE-2011-1752,CVE-2011-1783,CVE-2011-1921
Subversion是一款自由/开源版本控制系统。
Subversion存在多个安全漏洞,允许攻击者进行拒绝服务攻击或泄露敏感信息。
-处理基线资源请求时mod_dav_svn模块存在空指针引用错误,攻击者可以提交恶意请求可导致服务崩溃。
此漏洞影响1.6.16和之前版本。
-处理部分基于路径的访问控制规则时mod_dav_svn模块存在错误,可触发死循环并消耗大量内存,造成拒绝服务攻击。
此漏洞影响1.5.0到1.6.16之间的版本。
注:处理基于路径的访问规则存在缺陷,可导致部分不可读文件和目录变得可读,可泄露敏感信息
Apache Subversion 1.x
厂商解决方案
Apache Subversion 1.6.17已经修复此漏洞,建议用户下载使用:
http://subversion.apache.org/
Related
nessus
nessus
RHEL 5 / 6 : subversion (RHSA-2011:0862)
2011-06-09 00:00:00
FreeBSD : Subversion -- multiple vulnerabilities (e27a1af3-8d21-11e0-a45d-001e8c75030d)
2011-06-03 00:00:00
CentOS 5 : subversion (CESA-2011:0862)
2011-06-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1144-1)
2011-06-10 00:00:00
Oracle: Security Advisory (ELSA-2011-0862)
2015-10-06 00:00:00
Ubuntu Update for subversion USN-1144-1
2011-06-10 00:00:00
suse
suse
subversion: security udpate (important)
2011-06-24 21:08:24
subversion (important)
2011-06-24 20:08:19
subversion security udpate (important)
2011-06-24 21:08:19
freebsd
freebsd
Subversion -- multiple vulnerabilities
2011-05-28 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: subversion-1.6.17-1.fc15
2011-06-24 03:49:12
[SECURITY] Fedora 14 Update: subversion-1.6.17-1.fc14
2011-07-01 19:03:07
osv
osv
subversion - several
2011-06-02 00:00:00
oraclelinux
oraclelinux
subversion security update
2011-06-08 00:00:00
subversion security update
2011-06-08 00:00:00
debian
debian
[BSA-037] Security Update for subversion
2011-07-14 00:02:42
[SECURITY] [DSA 2251-1] subversion security update
2011-06-02 09:48:52
ubuntu
ubuntu
Subversion vulnerabilities
2011-06-06 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2251-1] subversion security update
2011-06-02 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-06-02 00:00:00
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00
redhat
redhat
(RHSA-2011:0862) Moderate: subversion security update
2011-06-08 00:00:00
(RHSA-2011:0861) Moderate: subversion security update
2011-06-08 00:00:00
seebug
seebug
Subversion "mod_dav_svn"多个拒绝服务和信息泄露漏洞
2011-07-07 00:00:00
centos
centos
mod_dav_svn, subversion security update
2011-06-08 22:32:53
mod_dav_svn, subversion security update
2011-08-14 21:21:35
altlinux
altlinux
Security fix for the ALT Linux 5 package subversion version 1.6.17-alt1
2011-07-20 00:00:00
nvd
nvd
veracode
veracode
Information Disclosure
2020-04-10 01:01:55
Denial Of Service (DoS)
2020-04-10 01:01:55
Denial Of Service (DoS)
2020-04-10 01:01:55
cve
cve
cvelist
cvelist
debiancve
debiancve
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2011-06-06 19:55:00
Null pointer dereference
2011-06-06 19:55:00
Design/Logic Flaw
2011-06-06 19:55:00
gentoo
gentoo
Subversion: Multiple vulnerabilities
2013-09-23 00:00:00