Red Hat Customer Portal

Skip to main content

CVE-2013-1849

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.

Details Source

Mitre

Public Date

2013-03-05 00:00:00

Impact

Moderate

Bugzilla

CVE-2013-1849 Subversion (mod_dav_svn): DoS (crash) via PROPFIND request made against activity URLs

Bugzilla ID

929 093

CVSS Status

verified

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:N/A:P

External References

http://subversion.apache.org/security/CVE-2013-1849-advisory.txt

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (subversion) RHSA-2013:0737 2013-04-11
Red Hat Enterprise Linux 6 (subversion) RHSA-2013:0737 2013-04-11