Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-0248

Опубликовано: 31 мар. 2015
Источник: redhat
CVSS2: 5
EPSS Средний

Описание

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server (both svnserve and httpd with the mod_dav_svn module) to crash.

Отчет

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5subversionWill not fix
Red Hat Enterprise Linux 6subversionFixedRHSA-2015:163317.08.2015
Red Hat Enterprise Linux 7subversionFixedRHSA-2015:174208.09.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-617
https://bugzilla.redhat.com/show_bug.cgi?id=1205138subversion: (mod_dav_svn) remote denial of service with certain requests with dynamically evaluated revision numbers

EPSS

Процентиль: 93%
0.11428
Средний

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-0248

ubuntu
больше 10 лет назад

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

nvd логотип

CVE-2015-0248

nvd
больше 10 лет назад

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

debian логотип

CVE-2015-0248

debian
больше 10 лет назад

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 throu ...

github логотип

GHSA-8pfv-rvrh-7fhw

github
больше 3 лет назад

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

fstec логотип

BDU:2020-04532

CVSS3: 5.3
fstec
больше 10 лет назад

Уязвимость серверного процессов mod_dav_svn и svnserve централизованной системы управления версиями Subversion, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 93%
0.11428
Средний

5 Medium

CVSS2