Bug 929090 (CVE-2013-1847) - CVE-2013-1847 Subversion (mod_dav_svn): DoS (crash) via LOCK requests against a non-existent URL
Summary: CVE-2013-1847 Subversion (mod_dav_svn): DoS (crash) via LOCK requests against...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-1847
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 947369 947370 947372 947374 948813
Blocks: 929099
TreeView+ depends on / blocked
 
Reported: 2013-03-29 08:51 UTC by Huzaifa S. Sidhpurwala
Modified: 2019-09-29 13:02 UTC (History)
4 users (show)

Fixed In Version: Subversion 1.6.21, Subversion 1.7.9
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-11-18 13:13:49 UTC


Attachments (Terms of Use)
patch-against-1.6.20 (2.19 KB, patch)
2013-03-29 08:52 UTC, Huzaifa S. Sidhpurwala
no flags Details | Diff
patch-against-1.7.8 (2.22 KB, patch)
2013-03-29 08:52 UTC, Huzaifa S. Sidhpurwala
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:0737 normal SHIPPED_LIVE Moderate: subversion security update 2013-04-11 21:47:11 UTC

Description Huzaifa S. Sidhpurwala 2013-03-29 08:51:01 UTC
It was found that Subversion's mod_dav_svn Apache HTTPD server module will crash in some circumstances when a LOCK request is made against a non-existent URL. This can lead to DoS.

The vulnerability can be triggered by doing a LOCK request against a URL for a path that does not exist in the repository or an invalid activity URL where authentication is not required for the LOCK method.

Acknowledgements:

Red Hat would like to thank the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin and Ben Reser as the original reporter of this flaw.

Comment 1 Huzaifa S. Sidhpurwala 2013-03-29 08:52:06 UTC
Created attachment 717972 [details]
patch-against-1.6.20

Comment 2 Huzaifa S. Sidhpurwala 2013-03-29 08:52:30 UTC
Created attachment 717973 [details]
patch-against-1.7.8

Comment 5 Huzaifa S. Sidhpurwala 2013-04-04 09:09:21 UTC
This issue affects the version of subversion as shipped with Red Hat Enterprise Linux 5 and 6.

This issue affects the version of subversion as shipped with Fedora 17 and Fedora 18.

Comment 6 Jan Lieskovsky 2013-04-05 12:47:37 UTC
External References:

http://subversion.apache.org/security/CVE-2013-1847-advisory.txt

Comment 8 Jan Lieskovsky 2013-04-05 12:59:24 UTC
Created subversion tracking bugs for this issue

Affects: fedora-all [bug 948813]

Comment 10 errata-xmlrpc 2013-04-11 17:49:23 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 5

Via RHSA-2013:0737 https://rhn.redhat.com/errata/RHSA-2013-0737.html


Note You need to log in before you can comment on or make changes to this bug.