ID CVE-2011-0715
Summary The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
References
Vulnerable Configurations
  • Apache Software Foundation Subversion 1.0.4
    cpe:2.3:a:apache:subversion:1.0.4
  • Apache Software Foundation Subversion 1.0.5
    cpe:2.3:a:apache:subversion:1.0.5
  • Apache Software Foundation Subversion 1.0.2
    cpe:2.3:a:apache:subversion:1.0.2
  • Apache Software Foundation Subversion 1.0.3
    cpe:2.3:a:apache:subversion:1.0.3
  • Apache Software Foundation Subversion 1.0.0
    cpe:2.3:a:apache:subversion:1.0.0
  • Apache Software Foundation Subversion 1.0.1
    cpe:2.3:a:apache:subversion:1.0.1
  • Apache Software Foundation Subversion 0.36.0
    cpe:2.3:a:apache:subversion:0.36.0
  • Apache Software Foundation Subversion 0.37.0
    cpe:2.3:a:apache:subversion:0.37.0
  • Apache Software Foundation Subversion 1.1.2
    cpe:2.3:a:apache:subversion:1.1.2
  • Apache Software Foundation Subversion 1.1.3
    cpe:2.3:a:apache:subversion:1.1.3
  • Apache Software Foundation Subversion 1.1.0
    cpe:2.3:a:apache:subversion:1.1.0
  • Apache Software Foundation Subversion 1.1.1
    cpe:2.3:a:apache:subversion:1.1.1
  • Apache Software Foundation Subversion 1.0.8
    cpe:2.3:a:apache:subversion:1.0.8
  • Apache Software Foundation Subversion 1.0.9
    cpe:2.3:a:apache:subversion:1.0.9
  • Apache Software Foundation Subversion 1.0.6
    cpe:2.3:a:apache:subversion:1.0.6
  • Apache Software Foundation Subversion 1.0.7
    cpe:2.3:a:apache:subversion:1.0.7
  • Apache Software Foundation Subversion 1.3.2
    cpe:2.3:a:apache:subversion:1.3.2
  • Apache Software Foundation Subversion 1.3.1
    cpe:2.3:a:apache:subversion:1.3.1
  • Apache Software Foundation Subversion 1.3.0
    cpe:2.3:a:apache:subversion:1.3.0
  • Apache Software Foundation Subversion 1.2.3
    cpe:2.3:a:apache:subversion:1.2.3
  • Apache Software Foundation Subversion 1.2.2
    cpe:2.3:a:apache:subversion:1.2.2
  • Apache Software Foundation Subversion 1.2.1
    cpe:2.3:a:apache:subversion:1.2.1
  • Apache Software Foundation Subversion 1.2.0
    cpe:2.3:a:apache:subversion:1.2.0
  • Apache Software Foundation Subversion 1.1.4
    cpe:2.3:a:apache:subversion:1.1.4
  • Apache Software Foundation Subversion 1.4.6
    cpe:2.3:a:apache:subversion:1.4.6
  • Apache Software Foundation Subversion 1.4.5
    cpe:2.3:a:apache:subversion:1.4.5
  • Apache Software Foundation Subversion 1.4.4
    cpe:2.3:a:apache:subversion:1.4.4
  • Apache Software Foundation Subversion 1.4.3
    cpe:2.3:a:apache:subversion:1.4.3
  • Apache Software Foundation Subversion 1.4.2
    cpe:2.3:a:apache:subversion:1.4.2
  • Apache Software Foundation Subversion 1.4.1
    cpe:2.3:a:apache:subversion:1.4.1
  • Apache Software Foundation Subversion 1.4.0
    cpe:2.3:a:apache:subversion:1.4.0
  • Apache Software Foundation Subversion 0.18.1
    cpe:2.3:a:apache:subversion:0.18.1
  • Apache Software Foundation Subversion 0.19.0
    cpe:2.3:a:apache:subversion:0.19.0
  • Apache Software Foundation Subversion 0.19.1
    cpe:2.3:a:apache:subversion:0.19.1
  • Apache Software Foundation Subversion 0.20.0
    cpe:2.3:a:apache:subversion:0.20.0
  • Apache Software Foundation Subversion 0.16.1
    cpe:2.3:a:apache:subversion:0.16.1
  • Apache Software Foundation Subversion 0.17.0
    cpe:2.3:a:apache:subversion:0.17.0
  • Apache Software Foundation Subversion 0.17.1
    cpe:2.3:a:apache:subversion:0.17.1
  • Apache Software Foundation Subversion 0.18.0
    cpe:2.3:a:apache:subversion:0.18.0
  • Apache Software Foundation Subversion 0.22.2
    cpe:2.3:a:apache:subversion:0.22.2
  • Apache Software Foundation Subversion 0.23.0
    cpe:2.3:a:apache:subversion:0.23.0
  • Apache Software Foundation Subversion 0.24.0
    cpe:2.3:a:apache:subversion:0.24.0
  • Apache Software Foundation Subversion 0.24.1
    cpe:2.3:a:apache:subversion:0.24.1
  • Apache Software Foundation Subversion 0.20.1
    cpe:2.3:a:apache:subversion:0.20.1
  • Apache Software Foundation Subversion 0.21.0
    cpe:2.3:a:apache:subversion:0.21.0
  • Apache Software Foundation Subversion 0.22.0
    cpe:2.3:a:apache:subversion:0.22.0
  • Apache Software Foundation Subversion 0.22.1
    cpe:2.3:a:apache:subversion:0.22.1
  • Apache Software Foundation Subversion 0.28.1
    cpe:2.3:a:apache:subversion:0.28.1
  • Apache Software Foundation Subversion 0.28.0
    cpe:2.3:a:apache:subversion:0.28.0
  • Apache Software Foundation Subversion 0.29.0
    cpe:2.3:a:apache:subversion:0.29.0
  • Apache Software Foundation Subversion 0.28.2
    cpe:2.3:a:apache:subversion:0.28.2
  • Apache Software Foundation Subversion 0.25.0
    cpe:2.3:a:apache:subversion:0.25.0
  • Apache Software Foundation Subversion 0.24.2
    cpe:2.3:a:apache:subversion:0.24.2
  • Apache Software Foundation Subversion 0.27.0
    cpe:2.3:a:apache:subversion:0.27.0
  • Apache Software Foundation Subversion 0.26.0
    cpe:2.3:a:apache:subversion:0.26.0
  • Apache Software Foundation Subversion 0.34.0
    cpe:2.3:a:apache:subversion:0.34.0
  • Apache Software Foundation Subversion 0.33.1
    cpe:2.3:a:apache:subversion:0.33.1
  • Apache Software Foundation Subversion 0.35.1
    cpe:2.3:a:apache:subversion:0.35.1
  • Apache Software Foundation Subversion 0.35.0
    cpe:2.3:a:apache:subversion:0.35.0
  • Apache Software Foundation Subversion 0.31.0
    cpe:2.3:a:apache:subversion:0.31.0
  • Apache Software Foundation Subversion 0.30.0
    cpe:2.3:a:apache:subversion:0.30.0
  • Apache Software Foundation Subversion 0.33.0
    cpe:2.3:a:apache:subversion:0.33.0
  • Apache Software Foundation Subversion 0.32.1
    cpe:2.3:a:apache:subversion:0.32.1
  • Apache Software Foundation Subversion 1.5.0
    cpe:2.3:a:apache:subversion:1.5.0
  • Apache Software Foundation Subversion 1.5.3
    cpe:2.3:a:apache:subversion:1.5.3
  • Apache Software Foundation Subversion 1.5.4
    cpe:2.3:a:apache:subversion:1.5.4
  • Apache Software Foundation Subversion 1.5.1
    cpe:2.3:a:apache:subversion:1.5.1
  • Apache Software Foundation Subversion 1.5.2
    cpe:2.3:a:apache:subversion:1.5.2
  • Apache Software Foundation Subversion 1.5.8
    cpe:2.3:a:apache:subversion:1.5.8
  • Apache Software Foundation Subversion 1.5.7
    cpe:2.3:a:apache:subversion:1.5.7
  • Apache Software Foundation Subversion 1.5.6
    cpe:2.3:a:apache:subversion:1.5.6
  • Apache Software Foundation Subversion 1.5.5
    cpe:2.3:a:apache:subversion:1.5.5
  • Apache Software Foundation Subversion 1.6.3
    cpe:2.3:a:apache:subversion:1.6.3
  • Apache Software Foundation Subversion 1.6.2
    cpe:2.3:a:apache:subversion:1.6.2
  • Apache Software Foundation Subversion 1.6.1
    cpe:2.3:a:apache:subversion:1.6.1
  • Apache Software Foundation Subversion 1.6.0
    cpe:2.3:a:apache:subversion:1.6.0
  • Apache Software Foundation Subversion 1.6.11
    cpe:2.3:a:apache:subversion:1.6.11
  • Apache Software Foundation Subversion 1.6.10
    cpe:2.3:a:apache:subversion:1.6.10
  • Apache Software Foundation Subversion 1.6.13
    cpe:2.3:a:apache:subversion:1.6.13
  • Apache Software Foundation Subversion 1.6.12
    cpe:2.3:a:apache:subversion:1.6.12
  • Apache Software Foundation Subversion 0.9
    cpe:2.3:a:apache:subversion:0.9
  • Apache Software Foundation Subversion 0.8
    cpe:2.3:a:apache:subversion:0.8
  • Apache Software Foundation Subversion 0.7
    cpe:2.3:a:apache:subversion:0.7
  • Apache Software Foundation Subversion 0.6
    cpe:2.3:a:apache:subversion:0.6
  • Apache Software Foundation Subversion 0.14.2
    cpe:2.3:a:apache:subversion:0.14.2
  • Apache Software Foundation Subversion 0.14.3
    cpe:2.3:a:apache:subversion:0.14.3
  • Apache Software Foundation Subversion 0.14.0
    cpe:2.3:a:apache:subversion:0.14.0
  • Apache Software Foundation Subversion 0.14.1
    cpe:2.3:a:apache:subversion:0.14.1
  • Apache Software Foundation Subversion 0.15
    cpe:2.3:a:apache:subversion:0.15
  • Apache Software Foundation Subversion 0.16
    cpe:2.3:a:apache:subversion:0.16
  • Apache Software Foundation Subversion 0.14.4
    cpe:2.3:a:apache:subversion:0.14.4
  • Apache Software Foundation Subversion 0.14.5
    cpe:2.3:a:apache:subversion:0.14.5
  • Apache Software Foundation Subversion 0.10.2
    cpe:2.3:a:apache:subversion:0.10.2
  • Apache Software Foundation Subversion 0.11.1
    cpe:2.3:a:apache:subversion:0.11.1
  • Apache Software Foundation Subversion 0.10.0
    cpe:2.3:a:apache:subversion:0.10.0
  • Apache Software Foundation Subversion 0.10.1
    cpe:2.3:a:apache:subversion:0.10.1
  • Apache Software Foundation Subversion 0.13.1
    cpe:2.3:a:apache:subversion:0.13.1
  • Apache Software Foundation Subversion 0.13.2
    cpe:2.3:a:apache:subversion:0.13.2
  • Apache Software Foundation Subversion 0.12.0
    cpe:2.3:a:apache:subversion:0.12.0
  • Apache Software Foundation Subversion 0.13.0
    cpe:2.3:a:apache:subversion:0.13.0
  • Apache Software Foundation Subversion 1.6.7
    cpe:2.3:a:apache:subversion:1.6.7
  • Apache Software Foundation Subversion 1.6.6
    cpe:2.3:a:apache:subversion:1.6.6
  • Apache Software Foundation Subversion 1.6.5
    cpe:2.3:a:apache:subversion:1.6.5
  • Apache Software Foundation Subversion 1.6.4
    cpe:2.3:a:apache:subversion:1.6.4
  • Apache Software Foundation Subversion 1.6.9
    cpe:2.3:a:apache:subversion:1.6.9
  • Apache Software Foundation Subversion 1.6.8
    cpe:2.3:a:apache:subversion:1.6.8
  • Apache Software Foundation Subversion Milestone 4/5
    cpe:2.3:a:apache:subversion:m4%2fm5
  • Apache Software Foundation Subversion Milestone 3
    cpe:2.3:a:apache:subversion:m3
  • Apache Software Foundation Subversion Milestone 2
    cpe:2.3:a:apache:subversion:m2
  • Apache Software Foundation Subversion Milestone 1
    cpe:2.3:a:apache:subversion:m1
  • Apache Software Foundation Subversion 1.6.14
    cpe:2.3:a:apache:subversion:1.6.14
  • Apache Software Foundation Subversion 1.6.15
    cpe:2.3:a:apache:subversion:1.6.15
CVSS
Base: 4.3 (as of 14-03-2011 - 11:51)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_LIBSVN_AUTH_GNOME_KEYRING-1-0-110607.NASL
    description - CVE-2011-1752: The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users. - CVE-2011-0715: Remote attackers could crash an svn server by causing a NULL deref
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75617
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75617
    title openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0693-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2011-004.NASL
    description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-004 applied. This update contains security- related fixes for the following components : - AirPort - App Store - ColorSync - CoreGraphics - ImageIO - Libsystem - libxslt - MySQL - patch - Samba - servermgrd - subversion
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 55415
    published 2011-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55415
    title Mac OS X Multiple Vulnerabilities (Security Update 2011-004)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_8.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.8. This update contains security-related fixes for the following components : - App Store - ATS - Certificate Trust Policy - CoreFoundation - CoreGraphics - FTP Server - ImageIO - International Components for Unicode - Kernel - Libsystem - libxslt - MobileMe - MySQL - OpenSSL - patch - QuickLook - QuickTime - Samba - servermgrd - subversion
    last seen 2019-02-21
    modified 2018-08-22
    plugin id 55416
    published 2011-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55416
    title Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-067.NASL
    description A vulnerability was discovered and corrected in subversion : The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token (CVE-2011-0715). Additionally for Corporate Server 4 and Enterprise Server 5 subversion have been upgraded to the 1.6.16 version due to of numerous upstream fixes and new features, the serf packages has also been upgraded to the now required 0.3.0 version. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149 products_id=490 The updated packages have been upgraded to the 1.6.16 version which is not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 53309
    published 2011-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53309
    title Mandriva Linux Security Advisory : subversion (MDVSA-2011:067)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201309-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-201309-11 (Subversion: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service condition or obtain sensitive information. A local attacker could escalate his privileges to the user running svnserve. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 70084
    published 2013-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70084
    title GLSA-201309-11 : Subversion: Multiple vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0328.NASL
    description From Red Hat Security Advisory 2011:0328 : Updated subversion packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. All Subversion users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68221
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68221
    title Oracle Linux 6 : subversion (ELSA-2011-0328)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-2698.NASL
    description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) The Fedora Project would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. Several bugs are also fixed in this update : - more improvement to the 'blame -g' memory leak from 1.6.15 - avoid unnecessary globbing for performance - don't add tree conflicts when one already exists - fix potential crash when requesting mergeinfo - don't attempt to resolve prop conflicts in 'merge --dry-run' - improve svnsync handling of dir copies - hide unreadable dirs in mod_dav_svn's GET response - make 'svnmucc propsetf' actually work - limit memory fragmentation in svnserve - fix 'svn export' regression from 1.6.13 - fix 'svn export' mistakenly uri-encodes paths - fix server-side memory leaks triggered by 'blame -g' - prevent crash in mod_dav_svn when using SVNParentPath - allow 'log -g' to continue in the face of invalid mergeinfo - filter unreadable paths for 'svn ls' and 'svn co' - fix abort in 'svn blame -g' - fix file handle leak in ruby bindings - remove check for 1.7-style working copies Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 52693
    published 2011-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52693
    title Fedora 13 : subversion-1.6.16-1.fc13 (2011-2698)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_LIBSVN_AUTH_GNOME_KEYRING-1-0-110309.NASL
    description Remote attackers could crash an svn server by causing a NULL deref (CVE-2011-0715).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75922
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75922
    title openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0238-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-2657.NASL
    description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) The Fedora Project would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. Several bugs are also fixed in this update : - more improvement to the 'blame -g' memory leak from 1.6.15 - avoid unnecessary globbing for performance - don't add tree conflicts when one already exists - fix potential crash when requesting mergeinfo - don't attempt to resolve prop conflicts in 'merge --dry-run' Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 52692
    published 2011-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52692
    title Fedora 14 : subversion-1.6.16-1.fc14 (2011-2657)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0328.NASL
    description Updated subversion packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. All Subversion users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 52595
    published 2011-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52595
    title RHEL 6 : subversion (RHSA-2011:0328)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CVS2SVN-7560.NASL
    description Subversion was updated to fix several security issues : - The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. (CVE-2011-1752) - The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. (CVE-2011-1783) - Remote attackers could crash an svn server by causing a NULL deref. (CVE-2011-0715)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 57173
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57173
    title SuSE 10 Security Update : subversion (ZYPP Patch Number 7560)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_E27CA763472111E0BDC4001E8C75030D.NASL
    description Subversion project reports : Subversion HTTP servers up to 1.5.9 (inclusive) or 1.6.15 (inclusive) are vulnerable to a remotely triggerable NULL pointer dereference.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 52563
    published 2011-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52563
    title FreeBSD : subversion -- remote HTTP DoS vulnerability (e27ca763-4721-11e0-bdc4-001e8c75030d)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2181.NASL
    description Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 52548
    published 2011-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52548
    title Debian DSA-2181-1 : subversion - denial of service
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2011-070-01.NASL
    description New subversion packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2016-05-12
    plugin id 52635
    published 2011-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52635
    title Slackware 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : subversion (SSA:2011-070-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-3775.NASL
    description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) The Fedora Project would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. Several bugs are also fixed in this update : - more improvement to the 'blame -g' memory leak from 1.6.15 - avoid unnecessary globbing for performance - don't add tree conflicts when one already exists - fix potential crash when requesting mergeinfo - don't attempt to resolve prop conflicts in 'merge --dry-run' Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-11
    plugin id 52985
    published 2011-03-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52985
    title Fedora 15 : subversion-1.6.16-1.fc15 (2011-3775)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0327.NASL
    description Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. This update also fixes the following bug : * A regression was found in the handling of repositories which do not have a 'db/fsfs.conf' file. The 'svnadmin hotcopy' command would fail when trying to produce a copy of such a repository. This command has been fixed to ignore the absence of the 'fsfs.conf' file. The 'svnadmin hotcopy' command will now succeed for this type of repository. (BZ#681522) All Subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 52594
    published 2011-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52594
    title RHEL 5 : subversion (RHSA-2011:0327)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110308_SUBVERSION_ON_SL5_X.NASL
    description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) This update also fixes the following bug : - A regression was found in the handling of repositories which do not have a 'db/fsfs.conf' file. The 'svnadmin hotcopy' command would fail when trying to produce a copy of such a repository. This command has been fixed to ignore the absence of the 'fsfs.conf' file. The 'svnadmin hotcopy' command will now succeed for this type of repository. (BZ#681522) After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 60982
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60982
    title Scientific Linux Security Update : subversion on SL5.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0327.NASL
    description From Red Hat Security Advisory 2011:0327 : Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. This update also fixes the following bug : * A regression was found in the handling of repositories which do not have a 'db/fsfs.conf' file. The 'svnadmin hotcopy' command would fail when trying to produce a copy of such a repository. This command has been fixed to ignore the absence of the 'fsfs.conf' file. The 'svnadmin hotcopy' command will now succeed for this type of repository. (BZ#681522) All Subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68220
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68220
    title Oracle Linux 5 : subversion (ELSA-2011-0327)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1096-1.NASL
    description Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 53220
    published 2011-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53220
    title Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : subversion vulnerability (USN-1096-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-0327.NASL
    description Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. This update also fixes the following bug : * A regression was found in the handling of repositories which do not have a 'db/fsfs.conf' file. The 'svnadmin hotcopy' command would fail when trying to produce a copy of such a repository. This command has been fixed to ignore the absence of the 'fsfs.conf' file. The 'svnadmin hotcopy' command will now succeed for this type of repository. (BZ#681522) All Subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53425
    published 2011-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53425
    title CentOS 5 : subversion (CESA-2011:0327)
oval via4
accepted 2015-05-04T04:00:12.671-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
comment VisualSVN Server is installed
oval oval:org.mitre.oval:def:18636
description The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
family windows
id oval:org.mitre.oval:def:18967
status accepted
submitted 2013-10-02T13:00:00
title Apache Subversion vulnerability before 1.6.16 in VisualSVN Server (CVE-2011-0715)
version 8
redhat via4
advisories
  • bugzilla
    id 681522
    title Regression: svnadmin hotcopy throws error
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment mod_dav_svn is earlier than 0:1.6.11-7.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110327010
        • comment mod_dav_svn is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091203020
      • AND
        • comment subversion is earlier than 0:1.6.11-7.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110327002
        • comment subversion is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091203012
      • AND
        • comment subversion-devel is earlier than 0:1.6.11-7.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110327006
        • comment subversion-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091203016
      • AND
        • comment subversion-javahl is earlier than 0:1.6.11-7.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110327008
        • comment subversion-javahl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091203014
      • AND
        • comment subversion-perl is earlier than 0:1.6.11-7.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110327012
        • comment subversion-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091203022
      • AND
        • comment subversion-ruby is earlier than 0:1.6.11-7.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110327004
        • comment subversion-ruby is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20091203018
    rhsa
    id RHSA-2011:0327
    released 2011-03-08
    severity Moderate
    title RHSA-2011:0327: subversion security and bug fix update (Moderate)
  • bugzilla
    id 680755
    title CVE-2011-0715 subversion (mod_dav_svn): DoS (NULL ptr deref) by a lock token sent from a not authenticated Subversion client
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment mod_dav_svn is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328015
        • comment mod_dav_svn is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258014
      • AND
        • comment subversion is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328005
        • comment subversion is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258006
      • AND
        • comment subversion-devel is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328007
        • comment subversion-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258020
      • AND
        • comment subversion-gnome is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328021
        • comment subversion-gnome is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258018
      • AND
        • comment subversion-javahl is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328017
        • comment subversion-javahl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258022
      • AND
        • comment subversion-kde is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328009
        • comment subversion-kde is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258010
      • AND
        • comment subversion-perl is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328013
        • comment subversion-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258016
      • AND
        • comment subversion-ruby is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328019
        • comment subversion-ruby is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258008
      • AND
        • comment subversion-svn2cl is earlier than 0:1.6.11-2.el6_0.3
          oval oval:com.redhat.rhsa:tst:20110328011
        • comment subversion-svn2cl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110258012
    rhsa
    id RHSA-2011:0328
    released 2011-03-08
    severity Moderate
    title RHSA-2011:0328: subversion security update (Moderate)
rpms
  • mod_dav_svn-0:1.6.11-7.el5_6.3
  • subversion-0:1.6.11-7.el5_6.3
  • subversion-devel-0:1.6.11-7.el5_6.3
  • subversion-javahl-0:1.6.11-7.el5_6.3
  • subversion-perl-0:1.6.11-7.el5_6.3
  • subversion-ruby-0:1.6.11-7.el5_6.3
  • mod_dav_svn-0:1.6.11-2.el6_0.3
  • subversion-0:1.6.11-2.el6_0.3
  • subversion-devel-0:1.6.11-2.el6_0.3
  • subversion-gnome-0:1.6.11-2.el6_0.3
  • subversion-javahl-0:1.6.11-2.el6_0.3
  • subversion-kde-0:1.6.11-2.el6_0.3
  • subversion-perl-0:1.6.11-2.el6_0.3
  • subversion-ruby-0:1.6.11-2.el6_0.3
  • subversion-svn2cl-0:1.6.11-2.el6_0.3
refmap via4
apple APPLE-SA-2011-06-23-1
bid 46734
confirm
debian DSA-2181
fedora
  • FEDORA-2011-2657
  • FEDORA-2011-2698
  • FEDORA-2011-3775
mandriva MDVSA-2011:067
mlist [dev] 20110303 Subversion 1.6.16 Released
osvdb 70964
sectrack 1025161
secunia
  • 43583
  • 43603
  • 43672
  • 43794
slackware SSA:2011-070-01
suse SUSE-SR:2011:005
ubuntu USN-1096-1
vupen
  • ADV-2011-0567
  • ADV-2011-0568
  • ADV-2011-0624
  • ADV-2011-0660
  • ADV-2011-0684
  • ADV-2011-0776
  • ADV-2011-0885
xf subversion-moddavsvn-dos(65876)
Last major update 19-02-2017 - 00:38
Published 11-03-2011 - 17:55
Last modified 18-09-2017 - 21:32
Back to Top