Vigil@nce - Apache Subversion: buffer overflow of mod_dav_svn
February 2016 by Vigil@nce
This bulletin was written by Vigil@nce: https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can generate a buffer overflow in the
mod_dav_svn module of Apache Subversion, in order to trigger a
denial of service, and possibly to run code.
– Impacted products: Subversion, Debian, Fedora, openSUSE, openSUSE
Leap.
– Severity: 2/4.
– Creation date: 16/12/2015.
DESCRIPTION OF THE VULNERABILITY
The Apache Subversion product uses the mod_dav_svn module to allow
access from a web client.
However, an attacker with write access can send an overly large
query, which causes an overflow in the
subversion/mod_dav_svn/util.c file.
An authenticated attacker can therefore generate a buffer overflow
in the mod_dav_svn module of Apache Subversion, in order to
trigger a denial of service, and possibly to run code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Apache-Subversion-buffer-overflow-of-mod-dav-svn-18537