CVE-2010-4539 - Vulnerability Details

CVE-2010-4539 - (mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:S/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Subversion
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:apache:subversion::::::::
	cpe:2.3:a:apache:subversion:0.6:::::::*
	cpe:2.3:a:apache:subversion:0.7:::::::*
	cpe:2.3:a:apache:subversion:0.8:::::::*
	cpe:2.3:a:apache:subversion:0.9:::::::*
	cpe:2.3:a:apache:subversion:0.10.0:::::::*
	cpe:2.3:a:apache:subversion:0.10.1:::::::*
	cpe:2.3:a:apache:subversion:0.10.2:::::::*
	cpe:2.3:a:apache:subversion:0.11.1:::::::*
	cpe:2.3:a:apache:subversion:0.12.0:::::::*
	cpe:2.3:a:apache:subversion:0.13.0:::::::*
	cpe:2.3:a:apache:subversion:0.13.1:::::::*
	cpe:2.3:a:apache:subversion:0.13.2:::::::*
	cpe:2.3:a:apache:subversion:0.14.0:::::::*
	cpe:2.3:a:apache:subversion:0.14.1:::::::*
	cpe:2.3:a:apache:subversion:0.14.2:::::::*
	cpe:2.3:a:apache:subversion:0.14.3:::::::*
	cpe:2.3:a:apache:subversion:0.14.4:::::::*
	cpe:2.3:a:apache:subversion:0.14.5:::::::*
	cpe:2.3:a:apache:subversion:0.15:::::::*
	cpe:2.3:a:apache:subversion:0.16:::::::*
	cpe:2.3:a:apache:subversion:0.16.1:::::::*
	cpe:2.3:a:apache:subversion:0.17.0:::::::*
	cpe:2.3:a:apache:subversion:0.17.1:::::::*
	cpe:2.3:a:apache:subversion:0.18.0:::::::*
	cpe:2.3:a:apache:subversion:0.18.1:::::::*
	cpe:2.3:a:apache:subversion:0.19.0:::::::*
	cpe:2.3:a:apache:subversion:0.19.1:::::::*
	cpe:2.3:a:apache:subversion:0.20.0:::::::*
	cpe:2.3:a:apache:subversion:0.20.1:::::::*
	cpe:2.3:a:apache:subversion:0.21.0:::::::*
	cpe:2.3:a:apache:subversion:0.22.0:::::::*
	cpe:2.3:a:apache:subversion:0.22.1:::::::*
	cpe:2.3:a:apache:subversion:0.22.2:::::::*
	cpe:2.3:a:apache:subversion:0.23.0:::::::*
	cpe:2.3:a:apache:subversion:0.24.0:::::::*
	cpe:2.3:a:apache:subversion:0.24.1:::::::*
	cpe:2.3:a:apache:subversion:0.24.2:::::::*
	cpe:2.3:a:apache:subversion:0.25.0:::::::*
	cpe:2.3:a:apache:subversion:0.26.0:::::::*
	cpe:2.3:a:apache:subversion:0.27.0:::::::*
	cpe:2.3:a:apache:subversion:0.28.0:::::::*
	cpe:2.3:a:apache:subversion:0.28.1:::::::*
	cpe:2.3:a:apache:subversion:0.28.2:::::::*
	cpe:2.3:a:apache:subversion:0.29.0:::::::*
	cpe:2.3:a:apache:subversion:0.30.0:::::::*
	cpe:2.3:a:apache:subversion:0.31.0:::::::*
	cpe:2.3:a:apache:subversion:0.32.1:::::::*
	cpe:2.3:a:apache:subversion:0.33.0:::::::*
	cpe:2.3:a:apache:subversion:0.33.1:::::::*
	cpe:2.3:a:apache:subversion:0.34.0:::::::*
	cpe:2.3:a:apache:subversion:0.35.0:::::::*
	cpe:2.3:a:apache:subversion:0.35.1:::::::*
	cpe:2.3:a:apache:subversion:0.36.0:::::::*
	cpe:2.3:a:apache:subversion:0.37.0:::::::*
	cpe:2.3:a:apache:subversion:1.0.0:::::::*
	cpe:2.3:a:apache:subversion:1.0.1:::::::*
	cpe:2.3:a:apache:subversion:1.0.2:::::::*
	cpe:2.3:a:apache:subversion:1.0.3:::::::*
	cpe:2.3:a:apache:subversion:1.0.4:::::::*
	cpe:2.3:a:apache:subversion:1.0.5:::::::*
	cpe:2.3:a:apache:subversion:1.0.6:::::::*
	cpe:2.3:a:apache:subversion:1.0.7:::::::*
	cpe:2.3:a:apache:subversion:1.0.8:::::::*
cpe:2.3:a:apache:subversion:1.0.9:::::::*
cpe:2.3:a:apache:subversion:1.1.0:::::::*
cpe:2.3:a:apache:subversion:1.1.1:::::::*
cpe:2.3:a:apache:subversion:1.1.2:::::::*
cpe:2.3:a:apache:subversion:1.1.3:::::::*
cpe:2.3:a:apache:subversion:1.1.4:::::::*
cpe:2.3:a:apache:subversion:1.2.0:::::::*
cpe:2.3:a:apache:subversion:1.2.1:::::::*
cpe:2.3:a:apache:subversion:1.2.2:::::::*
cpe:2.3:a:apache:subversion:1.2.3:::::::*
cpe:2.3:a:apache:subversion:1.3.0:::::::*
cpe:2.3:a:apache:subversion:1.3.1:::::::*
cpe:2.3:a:apache:subversion:1.3.2:::::::*
cpe:2.3:a:apache:subversion:1.4.0:::::::*
cpe:2.3:a:apache:subversion:1.4.1:::::::*
cpe:2.3:a:apache:subversion:1.4.2:::::::*
cpe:2.3:a:apache:subversion:1.4.3:::::::*
cpe:2.3:a:apache:subversion:1.4.4:::::::*
cpe:2.3:a:apache:subversion:1.4.5:::::::*
cpe:2.3:a:apache:subversion:1.4.6:::::::*
cpe:2.3:a:apache:subversion:1.5.0:::::::*
cpe:2.3:a:apache:subversion:1.5.1:::::::*
cpe:2.3:a:apache:subversion:1.5.2:::::::*
cpe:2.3:a:apache:subversion:1.5.3:::::::*
cpe:2.3:a:apache:subversion:1.5.4:::::::*
cpe:2.3:a:apache:subversion:1.5.5:::::::*
cpe:2.3:a:apache:subversion:1.5.6:::::::*
cpe:2.3:a:apache:subversion:1.5.7:::::::*
cpe:2.3:a:apache:subversion:1.5.8:::::::*
cpe:2.3:a:apache:subversion:1.6.0:::::::*
cpe:2.3:a:apache:subversion:1.6.1:::::::*
cpe:2.3:a:apache:subversion:1.6.2:::::::*
cpe:2.3:a:apache:subversion:1.6.3:::::::*
cpe:2.3:a:apache:subversion:1.6.4:::::::*
cpe:2.3:a:apache:subversion:1.6.5:::::::*
cpe:2.3:a:apache:subversion:1.6.6:::::::*
cpe:2.3:a:apache:subversion:1.6.7:::::::*
cpe:2.3:a:apache:subversion:1.6.8:::::::*
cpe:2.3:a:apache:subversion:1.6.9:::::::*
cpe:2.3:a:apache:subversion:1.6.10:::::::*
cpe:2.3:a:apache:subversion:1.6.11:::::::*
cpe:2.3:a:apache:subversion:1.6.12:::::::*
cpe:2.3:a:apache:subversion:1.6.13:::::::*
cpe:2.3:a:apache:subversion:m1:::::::*
cpe:2.3:a:apache:subversion:m2:::::::*
cpe:2.3:a:apache:subversion:m3:::::::*
cpe:2.3:a:apache:subversion:m4\/m5:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
subversion-0:1.6.11-7.el5_6.1	cpe:/o:redhat:enterprise_linux:5	RHSA-2011:0257	2011-02-15T00:00:00Z
Red Hat Enterprise Linux 6
subversion-0:1.6.11-2.el6_0.2	cpe:/o:redhat:enterprise_linux:6	RHSA-2011:0258	2011-02-15T00:00:00Z

References

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E
http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E
http://openwall.com/lists/oss-security/2011/01/02/1
http://openwall.com/lists/oss-security/2011/01/03/9
http://openwall.com/lists/oss-security/2011/01/04/10
http://openwall.com/lists/oss-security/2011/01/04/8
http://openwall.com/lists/oss-security/2011/01/05/4
http://secunia.com/advisories/42780
http://secunia.com/advisories/42969
http://secunia.com/advisories/43115
http://secunia.com/advisories/43139
http://secunia.com/advisories/43346
http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES
http://svn.apache.org/viewvc?view=revision&revision=1033166
http://www.mandriva.com/security/advisories?name=MDVSA-2011:006
http://www.redhat.com/support/errata/RHSA-2011-0257.html
http://www.redhat.com/support/errata/RHSA-2011-0258.html
http://www.securityfocus.com/bid/45655
http://www.securitytracker.com/id?1024934
http://www.ubuntu.com/usn/USN-1053-1
http://www.vupen.com/english/advisories/2011/0015
http://www.vupen.com/english/advisories/2011/0103
http://www.vupen.com/english/advisories/2011/0162
http://www.vupen.com/english/advisories/2011/0264
https://bugzilla.redhat.com/show_bug.cgi?id=667407
https://exchange.xforce.ibmcloud.com/vulnerabilities/64472
https://nvd.nist.gov/vuln/detail/CVE-2010-4539
https://www.cve.org/CVERecord?id=CVE-2010-4539

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-01-07T18:00:00

Updated: 2024-08-07T03:51:17.173Z

Reserved: 2010-12-09T00:00:00

Link: CVE-2010-4539

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-01-07T19:00:19.313

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-4539

Redhat

Severity : Low

Publid Date: 2010-11-26T00:00:00Z

Links: CVE-2010-4539 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-11-04T00:00:00", "descriptions": [{"lang": "en", "value": "The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "subversion-walk-dos(64472)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64472"}, {"name": "[oss-security] 20110104 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/01/04/8"}, {"name": "ADV-2011-0103", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0103"}, {"name": "42969", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42969"}, {"name": "ADV-2011-0264", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0264"}, {"name": "42780", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42780"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES"}, {"name": "[oss-security] 20110105 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/01/05/4"}, {"name": "[oss-security] 20110103 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/01/03/9"}, {"name": "SUSE-SR:2011:005", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "43346", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43346"}, {"name": "1024934", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024934"}, {"name": "43115", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43115"}, {"name": "FEDORA-2011-0099", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html"}, {"name": "ADV-2011-0015", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0015"}, {"name": "[oss-security] 20110102 CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/01/02/1"}, {"name": "[www-announce] 20101124 Apache Subversion 1.6.15 Released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E"}, {"name": "RHSA-2011:0258", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0258.html"}, {"name": "RHSA-2011:0257", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0257.html"}, {"name": "MDVSA-2011:006", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:006"}, {"name": "[oss-security] 20110104 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/01/04/10"}, {"name": "USN-1053-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1053-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1033166"}, {"name": "45655", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45655"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667407"}, {"name": "43139", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43139"}, {"name": "[subversion-users] 20101104 apache coredump in mod_dav_svn", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E"}, {"name": "ADV-2011-0162", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0162"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:51:17.173Z"}, "title": "CVE Program Container", "references": [{"name": "subversion-walk-dos(64472)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64472"}, {"name": "[oss-security] 20110104 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/01/04/8"}, {"name": "ADV-2011-0103", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0103"}, {"name": "42969", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42969"}, {"name": "ADV-2011-0264", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0264"}, {"name": "42780", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42780"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES"}, {"name": "[oss-security] 20110105 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/01/05/4"}, {"name": "[oss-security] 20110103 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/01/03/9"}, {"name": "SUSE-SR:2011:005", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "43346", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43346"}, {"name": "1024934", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024934"}, {"name": "43115", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43115"}, {"name": "FEDORA-2011-0099", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html"}, {"name": "ADV-2011-0015", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0015"}, {"name": "[oss-security] 20110102 CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/01/02/1"}, {"name": "[www-announce] 20101124 Apache Subversion 1.6.15 Released", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E"}, {"name": "RHSA-2011:0258", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0258.html"}, {"name": "RHSA-2011:0257", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0257.html"}, {"name": "MDVSA-2011:006", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:006"}, {"name": "[oss-security] 20110104 Re: CVE request for subversion", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/01/04/10"}, {"name": "USN-1053-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1053-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1033166"}, {"name": "45655", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/45655"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667407"}, {"name": "43139", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43139"}, {"name": "[subversion-users] 20101104 apache coredump in mod_dav_svn", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E"}, {"name": "ADV-2011-0162", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0162"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4539", "datePublished": "2011-01-07T18:00:00", "dateReserved": "2010-12-09T00:00:00", "dateUpdated": "2024-08-07T03:51:17.173Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*", "matchCriteriaId": "90CA8726-9C56-41CA-B0AD-D6A0877EDEE6", "versionEndIncluding": "1.6.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "3BB33539-0E47-4FBC-B509-A80CB0525B7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "41CAF981-A3D6-4732-A291-FB50D91EE172", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "62A88525-321D-4329-8B2C-2B912B0E13A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "7A498782-9837-4CFD-BFF2-684AAF8CF5F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "8BF7F7DF-DAB2-4456-9AFF-EA5DC6293115", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B58F83FD-604A-43E2-8310-B0133EB8CE41", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "9F6E57BE-7D32-4838-9F1F-142F67ABB1A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD6FB430-467A-499A-A231-3ABDC49CF989", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "EFC95E7E-69C2-40A4-A337-C8DCC2296773", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "001D8708-8543-4CD8-9DD7-49304144BA99", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "05F90085-6351-4792-8A5F-9B8F0AD66828", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "05583331-0A4A-405B-9B01-79E59CA6C6A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DA872BC-38F1-482D-A23D-31BD195A9859", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE048E8E-13FA-4487-8631-28449393F631", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "C287F1A7-6641-4005-8099-985BA1231619", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "9EC9B24B-100A-48B5-862A-6F6049F7E751", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "B0E02F3C-DF1F-49DE-8EF7-0AF1043C9EDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "63EC30E3-BB43-4DCB-A808-28E3A70559AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.15:*:*:*:*:*:*:*", "matchCriteriaId": "853D4C9E-21FC-4411-B85D-F0625B370286", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.16:*:*:*:*:*:*:*", "matchCriteriaId": "8BE82629-5207-4E90-B80C-71D85A80DF9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.16.1:*:*:*:*:*:*:*", "matchCriteriaId": "1BE78B8E-CA40-4ADE-99BA-E83E7F4C28F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.17.0:*:*:*:*:*:*:*", "matchCriteriaId": "E970D014-E037-46E0-BC4C-275EF1345036", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4E3CD50-3ED8-4B2B-8526-E7F8FB23BB64", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.18.0:*:*:*:*:*:*:*", "matchCriteriaId": "55B216AE-069C-4A98-8F8C-ABFC3FFE2B16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EBB65E0-E3D0-40E2-84EC-5210A482672A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.19.0:*:*:*:*:*:*:*", "matchCriteriaId": "06B57B0B-BC24-442E-B9B5-7CA620687833", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.19.1:*:*:*:*:*:*:*", "matchCriteriaId": "59089857-7F61-4112-8757-666C8ED5674E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.20.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D19CA9A-081B-499E-B3DE-F5C5D05DB156", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.20.1:*:*:*:*:*:*:*", "matchCriteriaId": "577C74A5-E87E-4ABE-8673-ECBFAB782A38", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.21.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A3CF8AC-F42C-4365-944F-3BB99D090F86", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.22.0:*:*:*:*:*:*:*", "matchCriteriaId": "AE674329-C25B-442C-9057-035AF25F1B98", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.22.1:*:*:*:*:*:*:*", "matchCriteriaId": "6C011BE5-E603-4EED-B1A5-B5DA935CEB86", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.22.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6BE30C-E4D4-4A7F-8BA0-F25DE9F6348F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.23.0:*:*:*:*:*:*:*", "matchCriteriaId": "74421EC5-BD41-4F09-BBD3-7C5575B8A9A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.24.0:*:*:*:*:*:*:*", "matchCriteriaId": "F0E83DCB-0C73-4943-940D-355063A1F194", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "F33F16C3-326D-4F6E-87EB-25872A735567", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.24.2:*:*:*:*:*:*:*", "matchCriteriaId": "B08E7421-BB83-41A7-9285-983165C2AC5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.25.0:*:*:*:*:*:*:*", "matchCriteriaId": "59E55A2F-0CF6-4C9F-BC01-0041156F0D72", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.26.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E0A1C51-0684-4384-88C1-C7BDEB0413DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.27.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7379952-D4B6-4256-888D-F2CC2B05CB45", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.28.0:*:*:*:*:*:*:*", "matchCriteriaId": "6555DBBD-0366-40FA-A772-6722B4D2888A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "803058ED-4566-4609-B250-7BA6AB6EE054", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.28.2:*:*:*:*:*:*:*", "matchCriteriaId": "933F4E36-4B89-4C3C-9FAA-7A757CBBA3FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.29.0:*:*:*:*:*:*:*", "matchCriteriaId": "41A31BD1-325F-4BEA-9D2F-17611032B44F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.30.0:*:*:*:*:*:*:*", "matchCriteriaId": "69324D9E-7223-4AE2-A950-EA32925544F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.31.0:*:*:*:*:*:*:*", "matchCriteriaId": "00351004-8FE7-4C35-97B9-CA29BE5325E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.32.1:*:*:*:*:*:*:*", "matchCriteriaId": "2872908F-4656-4F6F-9950-64978CE0B533", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.33.0:*:*:*:*:*:*:*", "matchCriteriaId": "6736466E-B29D-4E50-86BB-D3DD70AFA4B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.33.1:*:*:*:*:*:*:*", "matchCriteriaId": "70E23F84-C03A-4E95-AD7D-F42F3478F786", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.34.0:*:*:*:*:*:*:*", "matchCriteriaId": "A0B7EF4A-5989-4EE9-8747-7605D4C0C8CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.35.0:*:*:*:*:*:*:*", "matchCriteriaId": "638C8FFA-A26C-47B6-B9B2-A34B92639F2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.35.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7CBDEE8-5933-4468-AD9E-B63340353677", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.36.0:*:*:*:*:*:*:*", "matchCriteriaId": "C70A147D-EB27-4EF4-A1E4-6B1D24D33B14", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:0.37.0:*:*:*:*:*:*:*", "matchCriteriaId": "53BB268C-C29B-4200-96AE-5133B2DC1095", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D75936BB-5BE4-4B8C-B2A0-2BE13B713AE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BFCE3B89-46A6-4D1F-AFB3-FCB6C3B66245", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4DFB08D-01C2-4D95-8EB2-81F5C27AC656", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A3625A8E-A326-4DCE-9CFB-B0E38FC54B6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "106C86D0-84D9-4F44-821F-FD0D49EB32E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "156DD5C1-C2C3-4AD7-B432-79CC3EC32B63", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "75551DEC-A2BE-453D-9ABA-B3041A2607C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CB5A2F0A-E06E-40C6-98C1-4343AA9C2EFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "0FC70E13-59B6-4A75-9AF0-D38CCAB2D117", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "8316A374-3E3E-4FBA-AB57-9244812C8E2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0EB42901-B207-4B41-B09C-91153A19C7D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3DA7ADC-6A81-4250-B6E1-4E4425156941", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "83D766B5-5F07-44F1-A488-127D18510989", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2C8479EC-930C-47DB-9A02-E7B2F9101E5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1D47331-B23A-4A6E-8F14-74628F0E1846", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E2C35C-FEBA-4525-8A38-9C170B34FA07", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A098CEF5-04BE-48C0-8414-AFC9D03771E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C39739A0-8C23-4167-B63D-1000F9D3B684", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0FD13E19-4B9C-4DBD-9339-7BFE5377689F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "35C2CFEF-2F6D-4F9A-9DDF-4CC6448BADC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D04C072-7D90-428F-A226-BAD0105D22B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "856959BA-9945-4AA8-95D3-B3752C0D895D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "13109084-931E-4565-BEE5-794B83E6978D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "726B9C10-ACD5-41C2-A552-FD0046A75966", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B55A7A26-C994-4956-BBE7-BF3A51971295", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "FB9E26AB-915A-477F-BA5C-10965A7098F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B0CB798-F4ED-44E5-9B15-B7009EAC6303", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "67130DAF-AE81-43D2-A208-58A53746A7E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "90631FFA-9AB2-483D-B162-31A47428D280", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "341F900B-5179-4CB4-9F41-91B58B29C414", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3F34F463-6350-4F48-B037-856DDBB1A4FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2C813BA-B8F9-446B-A07F-B51F26815578", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "3DF4080D-0D95-429E-88AA-1051A5520C01", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "CF50F098-A055-4B79-AC35-6BD6F32D70F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "540461D4-87F4-42AB-ADDC-C7A067FE2893", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "3E676744-C623-4894-8764-43588E56D2FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "669735D1-1C14-4CD7-AA7C-AD2CA63A1979", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "D5F71F24-D909-49D9-8B4F-FA757FDF1C25", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "034D1C36-B73E-443E-A6B4-44CC6E7BC043", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "6D373245-8384-45E4-BE2E-E0518BD7F84F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "EED44413-D313-4588-9A4B-25F79D0925A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "C193EB08-BBC2-43A2-B11A-9C7E2098862D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "022A5BCE-A1DC-48E2-829D-AD9261562095", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:m1:*:*:*:*:*:*:*", "matchCriteriaId": "ADEF93A5-5D53-4EA7-8865-CA0EABC18A89", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:m2:*:*:*:*:*:*:*", "matchCriteriaId": "023127A5-04AD-4725-85EB-3D08C08DFB91", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:m3:*:*:*:*:*:*:*", "matchCriteriaId": "689E87D0-BAA7-420D-A700-C07376F312F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:m4\\/m5:*:*:*:*:*:*:*", "matchCriteriaId": "D3073CF2-E398-408C-9782-702F83663557", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections."}, {"lang": "es", "value": "La funci\u00f3n walk en repos.c en el m\u00f3dulo mod_dav_svn para el servidor Apache HTTP, como los distribuidos en Apache Subversion anteriores a v1.6.15, permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (desreferencia a puntero NULL y ca\u00edda del demonio) a trav\u00e9s de vectores que provocan el seguimiento de Las colecciones SVNParentPath."}], "id": "CVE-2010-4539", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-01-07T19:00:19.313", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"source": "secalert@redhat.com", "url": "http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E"}, {"source": "secalert@redhat.com", "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/02/1"}, {"source": "secalert@redhat.com", "url": "http://openwall.com/lists/oss-security/2011/01/03/9"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/04/10"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/04/8"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/05/4"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42780"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42969"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43115"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43139"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43346"}, {"source": "secalert@redhat.com", "url": "http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1033166"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:006"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0257.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0258.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/45655"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1024934"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1053-1"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0015"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0103"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0162"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0264"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667407"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64472"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A%40ncsa.illinois.edu%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/02/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/01/03/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/04/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/04/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/01/05/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42780"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42969"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43115"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43139"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1033166"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:006"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-0257.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-0258.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/45655"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024934"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1053-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0015"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0162"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0264"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667407"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64472"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0257", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "subversion-0:1.6.11-7.el5_6.1", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-02-15T00:00:00Z"}, {"advisory": "RHSA-2011:0258", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "subversion-0:1.6.11-2.el6_0.2", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-02-15T00:00:00Z"}], "bugzilla": {"description": "(mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser", "id": "667407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667407"}, "csaw": false, "cvss": {"cvss_base_score": "3.5", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "status": "verified"}, "details": ["The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections."], "name": "CVE-2010-4539", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 4"}], "public_date": "2010-11-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-4539\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-4539"], "threat_severity": "Low"}

Metrics

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object