CVE-2011-0715

EUVD-2011-0730
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
apachesubversion
𝑥
≤ 1.6.15
apachesubversion
0.6
apachesubversion
0.7
apachesubversion
0.8
apachesubversion
0.9
apachesubversion
0.10.0
apachesubversion
0.10.1
apachesubversion
0.10.2
apachesubversion
0.11.1
apachesubversion
0.12.0
apachesubversion
0.13.0
apachesubversion
0.13.1
apachesubversion
0.13.2
apachesubversion
0.14.0
apachesubversion
0.14.1
apachesubversion
0.14.2
apachesubversion
0.14.3
apachesubversion
0.14.4
apachesubversion
0.14.5
apachesubversion
0.15
apachesubversion
0.16
apachesubversion
0.16.1
apachesubversion
0.17.0
apachesubversion
0.17.1
apachesubversion
0.18.0
apachesubversion
0.18.1
apachesubversion
0.19.0
apachesubversion
0.19.1
apachesubversion
0.20.0
apachesubversion
0.20.1
apachesubversion
0.21.0
apachesubversion
0.22.0
apachesubversion
0.22.1
apachesubversion
0.22.2
apachesubversion
0.23.0
apachesubversion
0.24.0
apachesubversion
0.24.1
apachesubversion
0.24.2
apachesubversion
0.25.0
apachesubversion
0.26.0
apachesubversion
0.27.0
apachesubversion
0.28.0
apachesubversion
0.28.1
apachesubversion
0.28.2
apachesubversion
0.29.0
apachesubversion
0.30.0
apachesubversion
0.31.0
apachesubversion
0.32.1
apachesubversion
0.33.0
apachesubversion
0.33.1
apachesubversion
0.34.0
apachesubversion
0.35.0
apachesubversion
0.35.1
apachesubversion
0.36.0
apachesubversion
0.37.0
apachesubversion
1.0.0
apachesubversion
1.0.1
apachesubversion
1.0.2
apachesubversion
1.0.3
apachesubversion
1.0.4
apachesubversion
1.0.5
apachesubversion
1.0.6
apachesubversion
1.0.7
apachesubversion
1.0.8
apachesubversion
1.0.9
apachesubversion
1.1.0
apachesubversion
1.1.1
apachesubversion
1.1.2
apachesubversion
1.1.3
apachesubversion
1.1.4
apachesubversion
1.2.0
apachesubversion
1.2.1
apachesubversion
1.2.2
apachesubversion
1.2.3
apachesubversion
1.3.0
apachesubversion
1.3.1
apachesubversion
1.3.2
apachesubversion
1.4.0
apachesubversion
1.4.1
apachesubversion
1.4.2
apachesubversion
1.4.3
apachesubversion
1.4.4
apachesubversion
1.4.5
apachesubversion
1.4.6
apachesubversion
1.5.0
apachesubversion
1.5.1
apachesubversion
1.5.2
apachesubversion
1.5.3
apachesubversion
1.5.4
apachesubversion
1.5.5
apachesubversion
1.5.6
apachesubversion
1.5.7
apachesubversion
1.5.8
apachesubversion
1.6.0
apachesubversion
1.6.1
apachesubversion
1.6.2
apachesubversion
1.6.3
apachesubversion
1.6.4
apachesubversion
1.6.5
apachesubversion
1.6.6
apachesubversion
1.6.7
apachesubversion
1.6.8
apachesubversion
1.6.9
apachesubversion
1.6.10
apachesubversion
1.6.11
apachesubversion
1.6.12
apachesubversion
1.6.13
apachesubversion
1.6.14
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
subversion
bookworm
1.14.2-4
fixed
bullseye
1.14.1-3+deb11u1
fixed
bullseye (security)
1.14.1-3+deb11u1
fixed
sid
1.14.4-2
fixed
trixie
1.14.4-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
subversion
dapper
Fixed 1.3.1-3ubuntu1.4
released
hardy
Fixed 1.4.6dfsg1-2ubuntu1.3
released
karmic
Fixed 1.6.5dfsg-1ubuntu1.2
released
lucid
Fixed 1.6.6dfsg-2ubuntu1.2
released
maverick
Fixed 1.6.12dfsg-1ubuntu1.2
released
References
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://secunia.com/advisories/43583
http://secunia.com/advisories/43603
http://secunia.com/advisories/43672
http://secunia.com/advisories/43794
http://securitytracker.com/id?1025161
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.479953
http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
http://support.apple.com/kb/HT4723
http://svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGES
http://svn.apache.org/viewvc?view=revision&revision=1071239
http://svn.apache.org/viewvc?view=revision&revision=1071307
http://svn.haxx.se/dev/archive-2011-03/0122.shtml
http://www.debian.org/security/2011/dsa-2181
http://www.mandriva.com/security/advisories?name=MDVSA-2011:067
http://www.osvdb.org/70964
http://www.securityfocus.com/bid/46734
http://www.ubuntu.com/usn/USN-1096-1
http://www.vupen.com/english/advisories/2011/0567
http://www.vupen.com/english/advisories/2011/0568
http://www.vupen.com/english/advisories/2011/0624
http://www.vupen.com/english/advisories/2011/0660
http://www.vupen.com/english/advisories/2011/0684
http://www.vupen.com/english/advisories/2011/0776
http://www.vupen.com/english/advisories/2011/0885
https://bugzilla.redhat.com/show_bug.cgi?id=680755
https://exchange.xforce.ibmcloud.com/vulnerabilities/65876
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967
https://rhn.redhat.com/errata/RHSA-2011-0327.html
https://rhn.redhat.com/errata/RHSA-2011-0328.html
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://secunia.com/advisories/43583
http://secunia.com/advisories/43603
http://secunia.com/advisories/43672
http://secunia.com/advisories/43794
http://securitytracker.com/id?1025161
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.479953
http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
http://support.apple.com/kb/HT4723
http://svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGES
http://svn.apache.org/viewvc?view=revision&revision=1071239
http://svn.apache.org/viewvc?view=revision&revision=1071307
http://svn.haxx.se/dev/archive-2011-03/0122.shtml
http://www.debian.org/security/2011/dsa-2181
http://www.mandriva.com/security/advisories?name=MDVSA-2011:067
http://www.osvdb.org/70964
http://www.securityfocus.com/bid/46734
http://www.ubuntu.com/usn/USN-1096-1
http://www.vupen.com/english/advisories/2011/0567
http://www.vupen.com/english/advisories/2011/0568
http://www.vupen.com/english/advisories/2011/0624
http://www.vupen.com/english/advisories/2011/0660
http://www.vupen.com/english/advisories/2011/0684
http://www.vupen.com/english/advisories/2011/0776
http://www.vupen.com/english/advisories/2011/0885
https://bugzilla.redhat.com/show_bug.cgi?id=680755
https://exchange.xforce.ibmcloud.com/vulnerabilities/65876
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967
https://rhn.redhat.com/errata/RHSA-2011-0327.html
https://rhn.redhat.com/errata/RHSA-2011-0328.html