Bug 929090 - (CVE-2013-1847) CVE-2013-1847 Subversion (mod_dav_svn): DoS (crash) via LOCK requests against a non-existent URL
CVE-2013-1847 Subversion (mod_dav_svn): DoS (crash) via LOCK requests against...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20130404,reported=2...
: Security
Depends On: 947369 947370 947372 947374 948813
Blocks: 929099
  Show dependency treegraph
 
Reported: 2013-03-29 04:51 EDT by Huzaifa S. Sidhpurwala
Modified: 2015-11-24 10:30 EST (History)
4 users (show)

See Also:
Fixed In Version: Subversion 1.6.21, Subversion 1.7.9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-11-18 08:13:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch-against-1.6.20 (2.19 KB, patch)
2013-03-29 04:52 EDT, Huzaifa S. Sidhpurwala
no flags Details | Diff
patch-against-1.7.8 (2.22 KB, patch)
2013-03-29 04:52 EDT, Huzaifa S. Sidhpurwala
no flags Details | Diff

  None (edit)
Description Huzaifa S. Sidhpurwala 2013-03-29 04:51:01 EDT
It was found that Subversion's mod_dav_svn Apache HTTPD server module will crash in some circumstances when a LOCK request is made against a non-existent URL. This can lead to DoS.

The vulnerability can be triggered by doing a LOCK request against a URL for a path that does not exist in the repository or an invalid activity URL where authentication is not required for the LOCK method.

Acknowledgements:

Red Hat would like to thank the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin and Ben Reser as the original reporter of this flaw.
Comment 1 Huzaifa S. Sidhpurwala 2013-03-29 04:52:06 EDT
Created attachment 717972 [details]
patch-against-1.6.20
Comment 2 Huzaifa S. Sidhpurwala 2013-03-29 04:52:30 EDT
Created attachment 717973 [details]
patch-against-1.7.8
Comment 5 Huzaifa S. Sidhpurwala 2013-04-04 05:09:21 EDT
This issue affects the version of subversion as shipped with Red Hat Enterprise Linux 5 and 6.

This issue affects the version of subversion as shipped with Fedora 17 and Fedora 18.
Comment 6 Jan Lieskovsky 2013-04-05 08:47:37 EDT
External References:

http://subversion.apache.org/security/CVE-2013-1847-advisory.txt
Comment 8 Jan Lieskovsky 2013-04-05 08:59:24 EDT
Created subversion tracking bugs for this issue

Affects: fedora-all [bug 948813]
Comment 10 errata-xmlrpc 2013-04-11 13:49:23 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 5

Via RHSA-2013:0737 https://rhn.redhat.com/errata/RHSA-2013-0737.html

Note You need to log in before you can comment on or make changes to this bug.