CVE-2010-4644

EUVD-2010-4609
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
Affected Products (NVD)
VendorProductVersion
apachesubversion
𝑥
≤ 1.6.14
apachesubversion
0.6
apachesubversion
0.7
apachesubversion
0.8
apachesubversion
0.9
apachesubversion
0.10.0
apachesubversion
0.10.1
apachesubversion
0.10.2
apachesubversion
0.11.1
apachesubversion
0.12.0
apachesubversion
0.13.0
apachesubversion
0.13.1
apachesubversion
0.13.2
apachesubversion
0.14.0
apachesubversion
0.14.1
apachesubversion
0.14.2
apachesubversion
0.14.3
apachesubversion
0.14.4
apachesubversion
0.14.5
apachesubversion
0.15
apachesubversion
0.16
apachesubversion
0.16.1
apachesubversion
0.17.0
apachesubversion
0.17.1
apachesubversion
0.18.0
apachesubversion
0.18.1
apachesubversion
0.19.0
apachesubversion
0.19.1
apachesubversion
0.20.0
apachesubversion
0.20.1
apachesubversion
0.21.0
apachesubversion
0.22.0
apachesubversion
0.22.1
apachesubversion
0.22.2
apachesubversion
0.23.0
apachesubversion
0.24.0
apachesubversion
0.24.1
apachesubversion
0.24.2
apachesubversion
0.25.0
apachesubversion
0.26.0
apachesubversion
0.27.0
apachesubversion
0.28.0
apachesubversion
0.28.1
apachesubversion
0.28.2
apachesubversion
0.29.0
apachesubversion
0.30.0
apachesubversion
0.31.0
apachesubversion
0.32.1
apachesubversion
0.33.0
apachesubversion
0.33.1
apachesubversion
0.34.0
apachesubversion
0.35.0
apachesubversion
0.35.1
apachesubversion
0.36.0
apachesubversion
0.37.0
apachesubversion
1.0.0
apachesubversion
1.0.1
apachesubversion
1.0.2
apachesubversion
1.0.3
apachesubversion
1.0.4
apachesubversion
1.0.5
apachesubversion
1.0.6
apachesubversion
1.0.7
apachesubversion
1.0.8
apachesubversion
1.0.9
apachesubversion
1.1.0
apachesubversion
1.1.1
apachesubversion
1.1.2
apachesubversion
1.1.3
apachesubversion
1.1.4
apachesubversion
1.2.0
apachesubversion
1.2.1
apachesubversion
1.2.2
apachesubversion
1.2.3
apachesubversion
1.3.0
apachesubversion
1.3.1
apachesubversion
1.3.2
apachesubversion
1.4.0
apachesubversion
1.4.1
apachesubversion
1.4.2
apachesubversion
1.4.3
apachesubversion
1.4.4
apachesubversion
1.4.5
apachesubversion
1.4.6
apachesubversion
1.5.0
apachesubversion
1.5.1
apachesubversion
1.5.2
apachesubversion
1.5.3
apachesubversion
1.5.4
apachesubversion
1.5.5
apachesubversion
1.5.6
apachesubversion
1.5.7
apachesubversion
1.5.8
apachesubversion
1.6.0
apachesubversion
1.6.1
apachesubversion
1.6.2
apachesubversion
1.6.3
apachesubversion
1.6.4
apachesubversion
1.6.5
apachesubversion
1.6.6
apachesubversion
1.6.7
apachesubversion
1.6.8
apachesubversion
1.6.9
apachesubversion
1.6.10
apachesubversion
1.6.11
apachesubversion
1.6.12
apachesubversion
1.6.13
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
subversion
bookworm
1.14.2-4
fixed
bullseye
1.14.1-3+deb11u1
fixed
bullseye (security)
1.14.1-3+deb11u1
fixed
lenny
no-dsa
sid
1.14.4-2
fixed
trixie
1.14.4-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
subversion
dapper
not-affected
hardy
not-affected
karmic
Fixed 1.6.5dfsg-1ubuntu1.1
released
lucid
Fixed 1.6.6dfsg-2ubuntu1.1
released
maverick
Fixed 1.6.12dfsg-1ubuntu1.1
released
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C4CD33B61.7030203%40thepond.com%3E
http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E
http://openwall.com/lists/oss-security/2011/01/02/1
http://openwall.com/lists/oss-security/2011/01/04/10
http://openwall.com/lists/oss-security/2011/01/04/8
http://openwall.com/lists/oss-security/2011/01/05/4
http://secunia.com/advisories/42780
http://secunia.com/advisories/42969
http://secunia.com/advisories/43115
http://secunia.com/advisories/43139
http://secunia.com/advisories/43346
http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES
http://svn.apache.org/viewvc?view=revision&revision=1032808
http://svn.haxx.se/dev/archive-2010-11/0102.shtml
http://www.mandriva.com/security/advisories?name=MDVSA-2011:006
http://www.redhat.com/support/errata/RHSA-2011-0257.html
http://www.redhat.com/support/errata/RHSA-2011-0258.html
http://www.securityfocus.com/bid/45655
http://www.securitytracker.com/id?1024935
http://www.ubuntu.com/usn/USN-1053-1
http://www.vupen.com/english/advisories/2011/0015
http://www.vupen.com/english/advisories/2011/0103
http://www.vupen.com/english/advisories/2011/0162
http://www.vupen.com/english/advisories/2011/0264
https://exchange.xforce.ibmcloud.com/vulnerabilities/64473
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C4CD33B61.7030203%40thepond.com%3E
http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt%40mail.gmail.com%3E
http://openwall.com/lists/oss-security/2011/01/02/1
http://openwall.com/lists/oss-security/2011/01/04/10
http://openwall.com/lists/oss-security/2011/01/04/8
http://openwall.com/lists/oss-security/2011/01/05/4
http://secunia.com/advisories/42780
http://secunia.com/advisories/42969
http://secunia.com/advisories/43115
http://secunia.com/advisories/43139
http://secunia.com/advisories/43346
http://svn.apache.org/repos/asf/subversion/tags/1.6.15/CHANGES
http://svn.apache.org/viewvc?view=revision&revision=1032808
http://svn.haxx.se/dev/archive-2010-11/0102.shtml
http://www.mandriva.com/security/advisories?name=MDVSA-2011:006
http://www.redhat.com/support/errata/RHSA-2011-0257.html
http://www.redhat.com/support/errata/RHSA-2011-0258.html
http://www.securityfocus.com/bid/45655
http://www.securitytracker.com/id?1024935
http://www.ubuntu.com/usn/USN-1053-1
http://www.vupen.com/english/advisories/2011/0015
http://www.vupen.com/english/advisories/2011/0103
http://www.vupen.com/english/advisories/2011/0162
http://www.vupen.com/english/advisories/2011/0264
https://exchange.xforce.ibmcloud.com/vulnerabilities/64473