Denial of Service Vulnerability in Subversion by Apache
CVE-2015-0202

Currently unrated

Key Information:

Vendor: Apache
Status: Subversion
Vendor: CVE Published:; 8 April 2015

Summary

A vulnerability in the mod_dav_svn server of Apache Subversion versions 1.8.0 through 1.8.11 can be exploited by remote attackers to induce denial of service. This is achieved through the transmission of a high volume of REPORT requests, which results in excessive memory consumption as the service attempts to traverse the FSFS repository nodes.

References

http://www.securityfocus.com/bid/76446

vdb-entryx_refsource_BID

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.securitytracker.com/id/1032100

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 8, 2015
Vulnerability Reserved
Nov 18, 2014