CVE-2010-4644

Severity

35%

Complexity

68%

Confidentiality

48%

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

CVSS 2.0 Base Score 3.5. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P).

Overview

Type

Apache Software Foundation Subversion

First reported 14 years ago

2011-01-07 19:00:00

Last updated 7 years ago

2017-08-17 01:33:00

Affected Software

Apache Software Foundation Subversion 0.6

0.6

Apache Software Foundation Subversion 0.7

0.7

Apache Software Foundation Subversion 0.8

0.8

Apache Software Foundation Subversion 0.9

0.9

Apache Software Foundation Subversion 0.10.0

0.10.0

Apache Software Foundation Subversion 0.10.1

0.10.1

Apache Software Foundation Subversion 0.10.2

0.10.2

Apache Software Foundation Subversion 0.11.1

0.11.1

Apache Software Foundation Subversion 0.12.0

0.12.0

Apache Software Foundation Subversion 0.13.0

0.13.0

Apache Software Foundation Subversion 0.13.1

0.13.1

Apache Software Foundation Subversion 0.13.2

0.13.2

Apache Software Foundation Subversion 0.14.0

0.14.0

Apache Software Foundation Subversion 0.14.1

0.14.1

Apache Software Foundation Subversion 0.14.2

0.14.2

Apache Software Foundation Subversion 0.14.3

0.14.3

Apache Software Foundation Subversion 0.14.4

0.14.4

Apache Software Foundation Subversion 0.14.5

0.14.5

Apache Software Foundation Subversion 0.15

0.15

Apache Software Foundation Subversion 0.16

0.16

Apache Software Foundation Subversion 0.16.1

0.16.1

Apache Software Foundation Subversion 0.17.0

0.17.0

Apache Software Foundation Subversion 0.17.1

0.17.1

Apache Software Foundation Subversion 0.18.0

0.18.0

Apache Software Foundation Subversion 0.18.1

0.18.1

Apache Software Foundation Subversion 0.19.0

0.19.0

Apache Software Foundation Subversion 0.19.1

0.19.1

Apache Software Foundation Subversion 0.20.0

0.20.0

Apache Software Foundation Subversion 0.20.1

0.20.1

Apache Software Foundation Subversion 0.21.0

0.21.0

Apache Software Foundation Subversion 0.22.0

0.22.0

Apache Software Foundation Subversion 0.22.1

0.22.1

Apache Software Foundation Subversion 0.22.2

0.22.2

Apache Software Foundation Subversion 0.23.0

0.23.0

Apache Software Foundation Subversion 0.24.0

0.24.0

Apache Software Foundation Subversion 0.24.1

0.24.1

Apache Software Foundation Subversion 0.24.2

0.24.2

Apache Software Foundation Subversion 0.25.0

0.25.0

Apache Software Foundation Subversion 0.26.0

0.26.0

Apache Software Foundation Subversion 0.27.0

0.27.0

Apache Software Foundation Subversion 0.28.0

0.28.0

Apache Software Foundation Subversion 0.28.1

0.28.1

Apache Software Foundation Subversion 0.28.2

0.28.2

Apache Software Foundation Subversion 0.29.0

0.29.0

Apache Software Foundation Subversion 0.30.0

0.30.0

Apache Software Foundation Subversion 0.31.0

0.31.0

Apache Software Foundation Subversion 0.32.1

0.32.1

Apache Software Foundation Subversion 0.33.0

0.33.0

Apache Software Foundation Subversion 0.33.1

0.33.1

Apache Software Foundation Subversion 0.34.0

0.34.0

Apache Software Foundation Subversion 0.35.0

0.35.0

Apache Software Foundation Subversion 0.35.1

0.35.1

Apache Software Foundation Subversion 0.36.0

0.36.0

Apache Software Foundation Subversion 0.37.0

0.37.0

Apache Software Foundation Subversion 1.0.0

1.0.0

Apache Software Foundation Subversion 1.0.1

1.0.1

Apache Software Foundation Subversion 1.0.2

1.0.2

Apache Software Foundation Subversion 1.0.3

1.0.3

Apache Software Foundation Subversion 1.0.4

1.0.4

Apache Software Foundation Subversion 1.0.5

1.0.5

Apache Software Foundation Subversion 1.0.6

1.0.6

Apache Software Foundation Subversion 1.0.7

1.0.7

Apache Software Foundation Subversion 1.0.8

1.0.8

Apache Software Foundation Subversion 1.0.9

1.0.9

Apache Software Foundation Subversion 1.1.0

1.1.0

Apache Software Foundation Subversion 1.1.1

1.1.1

Apache Software Foundation Subversion 1.1.2

1.1.2

Apache Software Foundation Subversion 1.1.3

1.1.3

Apache Software Foundation Subversion 1.1.4

1.1.4

Apache Software Foundation Subversion 1.2.0

1.2.0

Apache Software Foundation Subversion 1.2.1

1.2.1

Apache Software Foundation Subversion 1.2.2

1.2.2

Apache Software Foundation Subversion 1.2.3

1.2.3

Apache Software Foundation Subversion 1.3.0

1.3.0

Apache Software Foundation Subversion 1.3.1

1.3.1

Apache Software Foundation Subversion 1.3.2

1.3.2

Apache Software Foundation Subversion 1.4.0

1.4.0

Apache Software Foundation Subversion 1.4.1

1.4.1

Apache Software Foundation Subversion 1.4.2

1.4.2

Apache Software Foundation Subversion 1.4.3

1.4.3

Apache Software Foundation Subversion 1.4.4

1.4.4

Apache Software Foundation Subversion 1.4.5

1.4.5

Apache Software Foundation Subversion 1.4.6

1.4.6

Apache Software Foundation Subversion 1.5.0

1.5.0

Apache Software Foundation Subversion 1.5.1

1.5.1

Apache Software Foundation Subversion 1.5.2

1.5.2

Apache Software Foundation Subversion 1.5.3

1.5.3

Apache Software Foundation Subversion 1.5.4

1.5.4

Apache Software Foundation Subversion 1.5.5

1.5.5

Apache Software Foundation Subversion 1.5.6

1.5.6

Apache Software Foundation Subversion 1.5.7

1.5.7

Apache Software Foundation Subversion 1.5.8

1.5.8

Apache Software Foundation Subversion 1.6.0

1.6.0

Apache Software Foundation Subversion 1.6.1

1.6.1

Apache Software Foundation Subversion 1.6.2

1.6.2

Apache Software Foundation Subversion 1.6.3

1.6.3

Apache Software Foundation Subversion 1.6.4

1.6.4

Apache Software Foundation Subversion 1.6.5

1.6.5

Apache Software Foundation Subversion 1.6.6

1.6.6

Apache Software Foundation Subversion 1.6.7

1.6.7

Apache Software Foundation Subversion 1.6.8

1.6.8

Apache Software Foundation Subversion 1.6.9

1.6.9

Apache Software Foundation Subversion 1.6.10

1.6.10

Apache Software Foundation Subversion 1.6.11

1.6.11

Apache Software Foundation Subversion 1.6.12

1.6.12

Apache Software Foundation Subversion 1.6.13

1.6.13

Apache Software Foundation Subversion Milestone 1

m1

Apache Software Foundation Subversion Milestone 2

m2

Apache Software Foundation Subversion Milestone 3

m3

Apache Software Foundation Subversion Milestone 4/5

m4\/m5

References

FEDORA-2011-0099

SUSE-SR:2011:005

[subversion-users] 20101104 svnserve.exe (Win32) using 2GB of memory and then crashing?

[www-announce] 20101124 Apache Subversion 1.6.15 Released

[oss-security] 20110102 CVE request for subversion

[oss-security] 20110104 Re: CVE request for subversion

[oss-security] 20110104 Re: CVE request for subversion

[oss-security] 20110105 Re: CVE request for subversion

42780

Vendor Advisory

42969

43115

43139

43346

http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES

http://svn.apache.org/viewvc?view=revision&revision=1032808

[dev] 20101104 "svn blame -g" causing svnserve to hang & mem usage to hit 2GB

Exploit

MDVSA-2011:006

RHSA-2011:0257

RHSA-2011:0258

45655

1024935

USN-1053-1

ADV-2011-0015

Vendor Advisory

ADV-2011-0103

ADV-2011-0162

ADV-2011-0264

subversion-blameg-dos(64473)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.