OVAL

ALAS-2016-676 ---- mod_dav_svn subversion mod24_dav_svn

ID: oval:org.secpod.oval:def:1600359
Date: (C)2016-05-19   (M)2017-12-06
Class: PATCH
Family: unix




It was found that when an SVN server searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable.

An integer overflow was discovered allowing remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.

It was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository, which should only be accessible to authenticated users.

It was found that the mod_dav_svn module was vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies, allowing an attacker with write access to a repository to cause a denial of service attack or possibly execute arbitrary code under the context of the httpd process.

Platform:
Amazon Linux AMI
Product:
mod_dav_svn
subversion
mod24_dav_svn
Reference:
ALAS-2016-676
CVE-2015-3187
CVE-2015-5259
CVE-2015-3184
CVE-2015-5343
CPE    45
cpe:/a:mod24:mod24_dav_svn
cpe:/a:apache:mod_dav_svn
cpe:/a:apple:xcode:7.2.1
cpe:/a:apache:subversion:1.7.20
...

© 2013 SecPod Technologies