PT-2014-5403 · Apache+5 · Apache Subversion+5

Publicado

2014-12-17

Atualizado

2024-06-15

CVE-2014-3580

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Apache Subversion versions 1.x prior to 1.7.19 Apache Subversion versions 1.8.x prior to 1.8.11

Description The issue allows remote attackers to cause a denial of service, resulting in a server crash due to a NULL pointer dereference. This can be achieved by sending a REPORT request for a resource that does not exist or for some malformed URIs.

Recommendations For Apache Subversion versions 1.x prior to 1.7.19, update to version 1.7.19 or later. For Apache Subversion versions 1.8.x prior to 1.8.11, update to version 1.8.11 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2015-1708

CESA-2015_0165

CESA-2015_0166

CVE-2014-3580

DLA-119-1

DSA-3107-1

MGASA-2014-0545

OPENSUSE-SU-2024:10538-1

RHSA-2015:0165

RHSA-2015:0166

RHSA-2015_0165

RHSA-2015_0166

SUSE-SU-2015:0709-1

SUSE-SU-2015_0153-1

SUSE-SU-2015_0155-2

SUSE-SU-2017:2200-1

SUSE-SU-2017_2200-1

USN-2721-1

Produtos afetados

Alt Linux

Apache Subversion

Centos

Red Hat

Suse

Ubuntu

PT-2014-5403 · Apache+5 · Apache Subversion+5

CVE-2014-3580

Identificadores relacionados

Produtos afetados

Referências · 155