PT-2011-1598 · Apache+1 · Apache Subversion+1

Jan Lieskovsky

Publicado

2011-01-07

Atualizado

2024-06-15

CVE-2010-4539

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Apache Subversion versions prior to 1.6.15

Description The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash due to a NULL pointer dereference. This is achieved by triggering the walking of SVNParentPath collections.

Recommendations For versions prior to 1.6.15, update to version 1.6.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the mod dav svn module to minimize the risk of exploitation.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2010-4539

OPENSUSE-SU-2024:10538-1

RHSA-2011:0257

RHSA-2011:0258

RHSA-2011_0257

RHSA-2011_0258

Produtos afetados

Apache Subversion

Red Hat

PT-2011-1598 · Apache+1 · Apache Subversion+1

CVE-2010-4539

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 80