Thomas Akesson discovered a remotely triggerable vulnerability in the mod_authz_svn module in Subversion, a version control system. When using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option an unauthenticated remote client can take advantage of this flaw to cause a denial of service by sending a request for a non-existing repository URL.