BID:58895

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability

Info

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability

Bugtraq ID:	58895
Class:	Unknown
CVE:	CVE-2013-1846
Remote:	Yes
Local:	No
Published:	Apr 05 2013 12:00AM
Updated:	Sep 25 2013 12:15AM
Credit:	Reported by the vendor
Vulnerable:	Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Slackware Linux x86_64 -current Slackware Linux 13.37 x86_64 Slackware Linux 13.37 Slackware Linux 13.1 x86_64 Slackware Linux 13.1 Slackware Linux 13.0 x86_64 Slackware Linux 13.0 Slackware Linux -current RedHat Enterprise Linux Desktop Workstation 5 client Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux 5 Server Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Gentoo Linux CentOS CentOS 5 Apache Software Foundation Subversion 1.6.14 Apache Software Foundation Subversion 1.6.17 Apache Software Foundation Subversion 1.6.16 Apache Software Foundation Subversion 1.6.15 Apache Software Foundation Subversion 1.6.13

Not Vulnerable:

Discussion

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability

Apache Subversion is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to crash the application, resulting in denial-of-service conditions.

The following products are vulnerable:

Versions prior to Apache Subversion 1.6.21
Versions prior to Apache Subversion 1.7.9

Exploit / POC

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability

References:

Apache Subversion (Apache)