The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion prior to 1.7.15 and 1.8.x prior to 1.8.6, when SVNListParentPath is enabled, allows remote malicious users to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls svn.example.com" command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache subversion 1.8.2 |
||
apache subversion 1.8.0 |
||
apache subversion 1.8.1 |
||
apache subversion 1.8.5 |
||
apache subversion 1.8.4 |
||
apache subversion 1.8.3 |
||
apache subversion 1.7.3 |
||
apache subversion 1.7.1 |
||
apache subversion 1.7.11 |
||
apache subversion 1.7.4 |
||
apache subversion 1.7.6 |
||
apache subversion 1.7.9 |
||
apache subversion 1.7.12 |
||
apache subversion 1.7.10 |
||
apache subversion 1.7.7 |
||
apache subversion |
||
apache subversion 1.7.2 |
||
apache subversion 1.7.13 |
||
apache subversion 1.7.8 |
||
apache subversion 1.7.5 |
||
apache subversion 1.7.0 |