CVE-2010-4539

Severity

68%

Complexity

80%

Confidentiality

115%

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:C).

Overview

Type

Apache Software Foundation Subversion

First reported 14 years ago

2011-01-07 19:00:00

Last updated 7 years ago

2017-08-17 01:33:00

Affected Software

Apache Software Foundation Subversion 0.6

0.6

Apache Software Foundation Subversion 0.7

0.7

Apache Software Foundation Subversion 0.8

0.8

Apache Software Foundation Subversion 0.9

0.9

Apache Software Foundation Subversion 0.10.0

0.10.0

Apache Software Foundation Subversion 0.10.1

0.10.1

Apache Software Foundation Subversion 0.10.2

0.10.2

Apache Software Foundation Subversion 0.11.1

0.11.1

Apache Software Foundation Subversion 0.12.0

0.12.0

Apache Software Foundation Subversion 0.13.0

0.13.0

Apache Software Foundation Subversion 0.13.1

0.13.1

Apache Software Foundation Subversion 0.13.2

0.13.2

Apache Software Foundation Subversion 0.14.0

0.14.0

Apache Software Foundation Subversion 0.14.1

0.14.1

Apache Software Foundation Subversion 0.14.2

0.14.2

Apache Software Foundation Subversion 0.14.3

0.14.3

Apache Software Foundation Subversion 0.14.4

0.14.4

Apache Software Foundation Subversion 0.14.5

0.14.5

Apache Software Foundation Subversion 0.15

0.15

Apache Software Foundation Subversion 0.16

0.16

Apache Software Foundation Subversion 0.16.1

0.16.1

Apache Software Foundation Subversion 0.17.0

0.17.0

Apache Software Foundation Subversion 0.17.1

0.17.1

Apache Software Foundation Subversion 0.18.0

0.18.0

Apache Software Foundation Subversion 0.18.1

0.18.1

Apache Software Foundation Subversion 0.19.0

0.19.0

Apache Software Foundation Subversion 0.19.1

0.19.1

Apache Software Foundation Subversion 0.20.0

0.20.0

Apache Software Foundation Subversion 0.20.1

0.20.1

Apache Software Foundation Subversion 0.21.0

0.21.0

Apache Software Foundation Subversion 0.22.0

0.22.0

Apache Software Foundation Subversion 0.22.1

0.22.1

Apache Software Foundation Subversion 0.22.2

0.22.2

Apache Software Foundation Subversion 0.23.0

0.23.0

Apache Software Foundation Subversion 0.24.0

0.24.0

Apache Software Foundation Subversion 0.24.1

0.24.1

Apache Software Foundation Subversion 0.24.2

0.24.2

Apache Software Foundation Subversion 0.25.0

0.25.0

Apache Software Foundation Subversion 0.26.0

0.26.0

Apache Software Foundation Subversion 0.27.0

0.27.0

Apache Software Foundation Subversion 0.28.0

0.28.0

Apache Software Foundation Subversion 0.28.1

0.28.1

Apache Software Foundation Subversion 0.28.2

0.28.2

Apache Software Foundation Subversion 0.29.0

0.29.0

Apache Software Foundation Subversion 0.30.0

0.30.0

Apache Software Foundation Subversion 0.31.0

0.31.0

Apache Software Foundation Subversion 0.32.1

0.32.1

Apache Software Foundation Subversion 0.33.0

0.33.0

Apache Software Foundation Subversion 0.33.1

0.33.1

Apache Software Foundation Subversion 0.34.0

0.34.0

Apache Software Foundation Subversion 0.35.0

0.35.0

Apache Software Foundation Subversion 0.35.1

0.35.1

Apache Software Foundation Subversion 0.36.0

0.36.0

Apache Software Foundation Subversion 0.37.0

0.37.0

Apache Software Foundation Subversion 1.0.0

1.0.0

Apache Software Foundation Subversion 1.0.1

1.0.1

Apache Software Foundation Subversion 1.0.2

1.0.2

Apache Software Foundation Subversion 1.0.3

1.0.3

Apache Software Foundation Subversion 1.0.4

1.0.4

Apache Software Foundation Subversion 1.0.5

1.0.5

Apache Software Foundation Subversion 1.0.6

1.0.6

Apache Software Foundation Subversion 1.0.7

1.0.7

Apache Software Foundation Subversion 1.0.8

1.0.8

Apache Software Foundation Subversion 1.0.9

1.0.9

Apache Software Foundation Subversion 1.1.0

1.1.0

Apache Software Foundation Subversion 1.1.1

1.1.1

Apache Software Foundation Subversion 1.1.2

1.1.2

Apache Software Foundation Subversion 1.1.3

1.1.3

Apache Software Foundation Subversion 1.1.4

1.1.4

Apache Software Foundation Subversion 1.2.0

1.2.0

Apache Software Foundation Subversion 1.2.1

1.2.1

Apache Software Foundation Subversion 1.2.2

1.2.2

Apache Software Foundation Subversion 1.2.3

1.2.3

Apache Software Foundation Subversion 1.3.0

1.3.0

Apache Software Foundation Subversion 1.3.1

1.3.1

Apache Software Foundation Subversion 1.3.2

1.3.2

Apache Software Foundation Subversion 1.4.0

1.4.0

Apache Software Foundation Subversion 1.4.1

1.4.1

Apache Software Foundation Subversion 1.4.2

1.4.2

Apache Software Foundation Subversion 1.4.3

1.4.3

Apache Software Foundation Subversion 1.4.4

1.4.4

Apache Software Foundation Subversion 1.4.5

1.4.5

Apache Software Foundation Subversion 1.4.6

1.4.6

Apache Software Foundation Subversion 1.5.0

1.5.0

Apache Software Foundation Subversion 1.5.1

1.5.1

Apache Software Foundation Subversion 1.5.2

1.5.2

Apache Software Foundation Subversion 1.5.3

1.5.3

Apache Software Foundation Subversion 1.5.4

1.5.4

Apache Software Foundation Subversion 1.5.5

1.5.5

Apache Software Foundation Subversion 1.5.6

1.5.6

Apache Software Foundation Subversion 1.5.7

1.5.7

Apache Software Foundation Subversion 1.5.8

1.5.8

Apache Software Foundation Subversion 1.6.0

1.6.0

Apache Software Foundation Subversion 1.6.1

1.6.1

Apache Software Foundation Subversion 1.6.2

1.6.2

Apache Software Foundation Subversion 1.6.3

1.6.3

Apache Software Foundation Subversion 1.6.4

1.6.4

Apache Software Foundation Subversion 1.6.5

1.6.5

Apache Software Foundation Subversion 1.6.6

1.6.6

Apache Software Foundation Subversion 1.6.7

1.6.7

Apache Software Foundation Subversion 1.6.8

1.6.8

Apache Software Foundation Subversion 1.6.9

1.6.9

Apache Software Foundation Subversion 1.6.10

1.6.10

Apache Software Foundation Subversion 1.6.11

1.6.11

Apache Software Foundation Subversion 1.6.12

1.6.12

Apache Software Foundation Subversion 1.6.13

1.6.13

Apache Software Foundation Subversion Milestone 1

m1

Apache Software Foundation Subversion Milestone 2

m2

Apache Software Foundation Subversion Milestone 3

m3

Apache Software Foundation Subversion Milestone 4/5

m4\/m5

References

FEDORA-2011-0099

SUSE-SR:2011:005

[subversion-users] 20101104 apache coredump in mod_dav_svn

Exploit

[www-announce] 20101124 Apache Subversion 1.6.15 Released

[oss-security] 20110102 CVE request for subversion

Patch

[oss-security] 20110103 Re: CVE request for subversion

[oss-security] 20110104 Re: CVE request for subversion

Patch

[oss-security] 20110104 Re: CVE request for subversion

Patch

[oss-security] 20110105 Re: CVE request for subversion

Patch

42780

Vendor Advisory

42969

43115

43139

43346

http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES

http://svn.apache.org/viewvc?view=revision&revision=1033166

Patch

MDVSA-2011:006

RHSA-2011:0257

RHSA-2011:0258

45655

1024934

USN-1053-1

ADV-2011-0015

Vendor Advisory

ADV-2011-0103

ADV-2011-0162

ADV-2011-0264

https://bugzilla.redhat.com/show_bug.cgi?id=667407

Exploit, Patch

subversion-walk-dos(64472)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.