The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apache
  • Subversion
Canonical
  • Ubuntu Linux
Collabnet
  • Subversion
Opensuse
  • Opensuse
Redhat
  • Enterprise Linux

Configuration 1 [-]

OR cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*
cpe:2.3:a:collabnet:subversion:1.6.17:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 5
subversion-0:1.6.11-12.el5_10 cpe:/o:redhat:enterprise_linux:5 RHSA-2014:0255 2014-03-05T00:00:00Z
Red Hat Enterprise Linux 6
subversion-0:1.6.11-10.el6_5 cpe:/o:redhat:enterprise_linux:6 RHSA-2014:0255 2014-03-05T00:00:00Z
References
Link Providers
http://lists.opensuse.org/opensuse-updates/2013-07/msg00015.html cve-icon cve-icon
http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E cve-icon cve-icon
http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2014-0255.html cve-icon cve-icon
http://www.debian.org/security/2013/dsa-2703 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1893-1 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2013-2112 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19057 cve-icon cve-icon
https://subversion.apache.org/security/CVE-2013-2112-advisory.txt cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2013-2112 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-07-31T10:00:00.000Z

Updated: 2024-08-06T15:27:40.658Z

Reserved: 2013-02-19T00:00:00.000Z

Link: CVE-2013-2112

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-07-31T13:20:24.727

Modified: 2026-04-29T01:13:23.040

Link: CVE-2013-2112

cve-icon Redhat

Severity : Low

Publid Date: 2013-05-31T00:00:00Z

Links: CVE-2013-2112 - Bugzilla