ALAS-2016-676 ---- mod_dav_svn subversion mod24_dav_svn
ID: oval:org.secpod.oval:def:1600359 | Date: (C)2016-05-19 (M)2022-09-22 |
Class: PATCH | Family: unix |
It was found that when an SVN server searched the history of a file or a directory, it would disclose the location of that file or directory in the repository if it was not readable.
An integer overflow was discovered allowing remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
It was found that the mod_authz_svn module did not properly restrict anonymous access to Subversion repositories under certain configurations when used with Apache httpd 2.4.x. This could allow a user to anonymously access files in a Subversion repository that should only be accessible to authenticated users.
It was found that the mod_dav_svn module was vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies, allowing an attacker with write access to a repository to cause a denial of service or possibly execute arbitrary code in the context of the httpd process.
Platform: |
Amazon Linux AMI |
Product: |
mod_dav_svn |
subversion |
mod24_dav_svn |