Download
| Alert*
|
oval:org.secpod.oval:def:57844
The host is installed with Apache Subversion 1.10.x before 1.10.4 or 1.11.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the omission of the root path from a recursive directory listing request. Successful exploitation could allow rem ... oval:org.secpod.oval:def:1801295 Subversion 1.10.0 introduced server-side support for recursive directory listing operations. The implementation in mod_dav_svn failed to validate the root path of the directory listing provided by the client. If the client omits the root path, mod_dav_svn will deference an uninitialized pointer vari ... oval:org.secpod.oval:def:1801362 Subversion 1.10.0 introduced server-side support for recursive directory listing operations. The implementation in mod_dav_svn failed to validate the root path of the directory listing provided by the client. If the client omits the root path, mod_dav_svn will deference an uninitialized pointer vari ... oval:org.secpod.oval:def:704453 subversion: Advanced version control system Subversion could be made to crash if it received a specially crafted input. oval:org.secpod.oval:def:115979 Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subvers ... oval:org.secpod.oval:def:1901911 Subversion"s mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation. |
