The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache subversion |
||
apache subversion 1.9.3 |
||
apache subversion 1.9.1 |
||
apache subversion 1.9.0 |
||
apache subversion 1.9.2 |