5

CVE-2011-1752

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheSubversion Version < 1.6.17
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10
CanonicalUbuntu Linux Version11.04
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
FedoraprojectFedora Version14
FedoraprojectFedora Version15
ApplemacOS X Version < 10.7.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.08% 0.918
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://www.securityfocus.com/bid/48091
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1025617
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=709111
Third Party Advisory
Issue Tracking