Denial of Service Vulnerability in Apache Subversion mod_dav_svn
CVE-2014-0032

Currently unrated

Key Information:

Vendor: Apache
Status: Subversion
Vendor: CVE Published:; 14 February 2014

Summary

The mod_dav_svn module in Apache Subversion can be exploited to trigger a Denial of Service attack. When the SVNListParentPath directive is enabled, attackers can remotely crash the server using specific request methods, leading to service disruption. This flaw particularly impacts server configurations where the root directory and certain HTTP methods are involved, highlighting the need for careful security configurations and patching of affected versions.

References

http://svn.apache.org/repos/asf/subversion/tags/1.8.6/CHA...

x_refsource_CONFIRM

http://secunia.com/advisories/56822

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/61321

third-party-advisoryx_refsource_SECUNIA

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 14, 2014
Vulnerability Reserved
Dec 3, 2013