Bug 929095 (CVE-2013-1884) - CVE-2013-1884 Subversion (mod_dav_svn): DoS (crash) via malformed log REPORT requests
Summary: CVE-2013-1884 Subversion (mod_dav_svn): DoS (crash) via malformed log REPORT ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-1884
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 948813
Blocks: 929099
TreeView+ depends on / blocked
 
Reported: 2013-03-29 09:11 UTC by Huzaifa S. Sidhpurwala
Modified: 2023-05-11 22:20 UTC (History)
4 users (show)

Fixed In Version: Subversion 1.7.9
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-11-18 13:13:26 UTC
Embargoed:

Attachments (Terms of Use)
patch (819 bytes, patch)
2013-03-29 09:12 UTC, Huzaifa S. Sidhpurwala 		no flags Details | Diff
View All

Description Huzaifa S. Sidhpurwala 2013-03-29 09:11:04 UTC 
It was found that Subversion's mod_dav_svn Apache HTTPD server module will crash when a log REPORT request receives a limit that is out of the allowed range. This can lead to a DoS.


Acknowledgements:

Red Hat would like to thank the Apache Subversion for reporting this issue. Upstream acknowledges Greg McMullin, Stefan Fuhrmann, Philip Martin and Ben Reser as the original reporters of this flaw.
Comment 2 Huzaifa S. Sidhpurwala 2013-03-29 09:12:28 UTC 
Created attachment 717976 [details]
patch
Comment 4 Huzaifa S. Sidhpurwala 2013-04-04 09:10:32 UTC 
Statement:

Not Vulnerable. This issue does not affect the version of subversion as shipped with Red Hat Enterprise Linux 5 and 6.
Comment 5 Jan Lieskovsky 2013-04-05 12:52:32 UTC 
External References:
http://subversion.apache.org/security/CVE-2013-1884-advisory.txt
Comment 6 Jan Lieskovsky 2013-04-05 12:53:17 UTC 
Announcement:
http://mail-archives.apache.org/mod_mbox/subversion-announce/201304.mbox/%3CCADkdwvRoyVrZV12tgC0FMGrc6%2BMisd3qTcZ%2BDdpFGgTahkgAkQ%40mail.gmail.com%3E
Comment 7 Jan Lieskovsky 2013-04-05 13:00:49 UTC 
Created subversion tracking bugs for this issue

Affects: fedora-all [bug 948813]
Note You need to log in before you can comment on or make changes to this bug.