PT-2016-5044 · Apache+2 · Apache Subversion+2

Publicado

2016-04-29

Atualizado

2024-06-15

CVE-2016-2168

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Apache Subversion versions prior to 1.8.16 Apache Subversion versions 1.9.x prior to 1.9.4

Description The issue allows remote authenticated users to cause a denial of service, resulting in a crash, by sending a crafted header in a MOVE or COPY request. This is due to a NULL pointer dereference in the req check access function within the mod authz svn module of the httpd server.

Recommendations For Apache Subversion versions prior to 1.8.16, update to version 1.8.16 or later. For Apache Subversion versions 1.9.x prior to 1.9.4, update to version 1.9.4 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2020-1641

ALT-PU-2020-2914

CVE-2016-2168

DLA-448-1

DSA-3561-1

MGASA-2016-0161

OPENSUSE-SU-2024:10538-1

SUSE-SU-2016:1249-1

SUSE-SU-2016:1511-1

SUSE-SU-2017:2200-1

USN-3388-2

Produtos afetados

Alt Linux

Apache Subversion

Suse

PT-2016-5044 · Apache+2 · Apache Subversion+2

CVE-2016-2168

Identificadores relacionados

Produtos afetados

Referências · 112