Bug 709112 – CVE-2011-1783 subversion (mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 709112 - (CVE-2011-1783) CVE-2011-1783 subversion (mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control

Summary:	CVE-2011-1783 subversion (mod_dav_svn): DoS (excessive memory use) when confi...

Status:	CLOSED ERRATA

Aliases:	CVE-2011-1783

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	public=20110601,reported=20110527,sou...
Keywords:	Security

Depends On:	709218 709219 709220 709221 709952 812251 893085
Blocks:
	Show dependency tree / graph

Reported:	2011-05-30 12:56 EDT by Jan Lieskovsky
Modified:	2015-07-29 08:48 EDT (History)
CC List:	2 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2015-07-29 08:48:34 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:0862	normal	SHIPPED_LIVE	Moderate: subversion security update	2011-06-08 11:47:05 EDT

Groups: None (edit)

Description Jan Lieskovsky 2011-05-30 12:56:01 EDT

An infinite loop was found in the way mod_dav_svn module of the subversion
concurrent version control system processed certain data sets, when
SVNPathAuthz configuration directive with value of 'short_circuit' was used.
A remote attacker could use this flaw to cause the httpd child process to
consume excessive amount of system memory.

Acknowledgements:

Red Hat would like to thank the Apache Subversion project for reporting this
issue. Upstream acknowledges Ivan Zhakov of VisualSVN as the original reporter.

Comment 2 Jan Lieskovsky 2011-05-30 12:59:30 EDT

This issue did NOT affect the version of the subversion package, as shipped
with Red Hat Enterprise Linux 4.

--

This issue affects the versions of the subversion package, as shipped with
Red Hat Enterprise Linux 5 and 6.

--

This issue affects the versions of the subversion package, as shipped with
Fedora release of 13, 14, and 15.

Comment 4 Huzaifa S. Sidhpurwala 2011-06-02 01:03:36 EDT

Public via:
http://subversion.apache.org/security/CVE-2011-1783-advisory.txt

Comment 5 Huzaifa S. Sidhpurwala 2011-06-02 01:06:02 EDT

Created subversion tracking bugs for this issue

Affects: fedora-all [bug 709952]

Comment 6 errata-xmlrpc 2011-06-08 11:47:14 EDT

This issue has been addressed in following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 5

Via RHSA-2011:0862 https://rhn.redhat.com/errata/RHSA-2011-0862.html

Note You need to log in before you can comment on or make changes to this bug.