Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3580

Опубликовано: 15 дек. 2014
Источник: redhat
CVSS2: 4.3
EPSS Средний

Описание

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled REPORT requests. A remote, unauthenticated attacker could use a specially crafted REPORT request to crash mod_dav_svn.

Отчет

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5subversionWill not fix
Red Hat Enterprise Linux 6subversionFixedRHSA-2015:016510.02.2015
Red Hat Enterprise Linux 7subversionFixedRHSA-2015:016610.02.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1174054subversion: NULL pointer dereference flaw in mod_dav_svn when handling REPORT requests

EPSS

Процентиль: 93%
0.11576
Средний

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-3580

ubuntu
больше 10 лет назад

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

nvd логотип

CVE-2014-3580

nvd
больше 10 лет назад

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

debian логотип

CVE-2014-3580

debian
больше 10 лет назад

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x be ...

github логотип

GHSA-x4g6-pj88-5h4h

github
около 3 лет назад

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

oracle-oval логотип

ELSA-2015-0165

oracle-oval
больше 10 лет назад

ELSA-2015-0165: subversion security update (MODERATE)

EPSS

Процентиль: 93%
0.11576
Средний

4.3 Medium

CVSS2