Your submission was sent successfully! Close

CVE-2011-1783

Published: 2 June 2011

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.

Priority

Medium

Status

Package Release Status
subversion
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (1.6.6dfsg-2ubuntu1.3)
maverick
Released (1.6.12dfsg-1ubuntu1.3)
natty
Released (1.6.12dfsg-4ubuntu2.1)
upstream
Released (1.6.17)
Patches:
upstream: http://svn.apache.org/viewvc?view=revision&revision=1130303