2017-10-16 12:31:07 -04:00
{
2019-03-18 05:44:54 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com" ,
"ID" : "CVE-2014-0032" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
2017-10-16 12:31:07 -04:00
]
2019-03-18 05:44:54 +00:00
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the \"svn ls http://svn.example.com\" command."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "http://svn.apache.org/repos/asf/subversion/tags/1.8.6/CHANGES" ,
"refsource" : "CONFIRM" ,
"url" : "http://svn.apache.org/repos/asf/subversion/tags/1.8.6/CHANGES"
} ,
{
"name" : "56822" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/56822"
} ,
{
"name" : "61321" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/61321"
} ,
{
"name" : "USN-2316-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/USN-2316-1"
} ,
{
"name" : "102927" ,
"refsource" : "OSVDB" ,
"url" : "http://www.osvdb.org/102927"
} ,
{
"name" : "RHSA-2014:0255" ,
"refsource" : "REDHAT" ,
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0255.html"
} ,
{
"name" : "[subversion-dev] 20140110 2 Re: Segfault in mod_dav_svn with repositories on /" ,
"refsource" : "MLIST" ,
"url" : "http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C52D328AB.8090502@reser.org%3E"
} ,
{
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1557320" ,
"refsource" : "CONFIRM" ,
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1557320"
} ,
{
"name" : "65434" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/65434"
} ,
{
"name" : "http://support.apple.com/kb/HT6444" ,
"refsource" : "CONFIRM" ,
"url" : "http://support.apple.com/kb/HT6444"
} ,
{
"name" : "[subversion-dev] 20140110 Sin mod_dav_svn with repositories on /" ,
"refsource" : "MLIST" ,
"url" : "http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3CCANvU9scLHr2yOLABW8q6_wNzhEf7pWM=NiavGcobqvUuyhKyAA@mail.gmail.com%3E"
} ,
{
"name" : "openSUSE-SU-2014:0307" ,
"refsource" : "SUSE" ,
"url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00086.html"
} ,
{
"name" : "60722" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/60722"
} ,
{
"name" : "[subversion-dev] 20140110 Re: Segfault in mod_dav_svn with repositories on /" ,
"refsource" : "MLIST" ,
"url" : "http://mail-archives.apache.org/mod_mbox/subversion-dev/201401.mbox/%3C871u0gqb0d.fsf@ntlworld.com%3E"
} ,
{
"name" : "http://svn.apache.org/repos/asf/subversion/tags/1.7.15/CHANGES" ,
"refsource" : "CONFIRM" ,
"url" : "http://svn.apache.org/repos/asf/subversion/tags/1.7.15/CHANGES"
} ,
{
"name" : "apache-subversion-cve20140032-dos(90986)" ,
"refsource" : "XF" ,
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90986"
} ,
{
"name" : "openSUSE-SU-2014:0334" ,
"refsource" : "SUSE" ,
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00011.html"
} ,
{
"name" : "GLSA-201610-05" ,
"refsource" : "GENTOO" ,
"url" : "https://security.gentoo.org/glsa/201610-05"
} ,
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" ,
"refsource" : "CONFIRM" ,
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
