Vulnerabilities > CVE-2011-0715 - Denial Of Service vulnerability in Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
Vulnerable Configurations
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201309-11.NASL description The remote host is affected by the vulnerability described in GLSA-201309-11 (Subversion: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service condition or obtain sensitive information. A local attacker could escalate his privileges to the user running svnserve. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 70084 published 2013-09-24 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70084 title GLSA-201309-11 : Subversion: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201309-11. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(70084); script_version("1.7"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2010-4539", "CVE-2010-4644", "CVE-2011-0715", "CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921", "CVE-2013-1845", "CVE-2013-1846", "CVE-2013-1847", "CVE-2013-1849", "CVE-2013-1884", "CVE-2013-1968", "CVE-2013-2088", "CVE-2013-2112", "CVE-2013-4131", "CVE-2013-4277"); script_bugtraq_id(45655, 46734, 48091, 58323, 58895, 58896, 58897, 58898, 60264, 60265, 60267, 61454, 62266); script_xref(name:"GLSA", value:"201309-11"); script_name(english:"GLSA-201309-11 : Subversion: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201309-11 (Subversion: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service condition or obtain sensitive information. A local attacker could escalate his privileges to the user running svnserve. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201309-11" ); script_set_attribute( attribute:"solution", value: "All Subversion users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-vcs/subversion-1.7.13'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:subversion"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2013/09/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-vcs/subversion", unaffected:make_list("ge 1.7.13"), vulnerable:make_list("lt 1.7.13"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Subversion"); }NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2011-004.NASL description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-004 applied. This update contains security- related fixes for the following components : - AirPort - App Store - ColorSync - CoreGraphics - ImageIO - Libsystem - libxslt - MySQL - patch - Samba - servermgrd - subversion last seen 2020-06-01 modified 2020-06-02 plugin id 55415 published 2011-06-24 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55415 title Mac OS X Multiple Vulnerabilities (Security Update 2011-004) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2011-067.NASL description A vulnerability was discovered and corrected in subversion : The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token (CVE-2011-0715). Additionally for Corporate Server 4 and Enterprise Server 5 subversion have been upgraded to the 1.6.16 version due to of numerous upstream fixes and new features, the serf packages has also been upgraded to the now required 0.3.0 version. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149 products_id=490 The updated packages have been upgraded to the 1.6.16 version which is not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 53309 published 2011-04-07 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/53309 title Mandriva Linux Security Advisory : subversion (MDVSA-2011:067) NASL family Scientific Linux Local Security Checks NASL id SL_20110308_SUBVERSION_ON_SL5_X.NASL description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) This update also fixes the following bug : - A regression was found in the handling of repositories which do not have a last seen 2020-06-01 modified 2020-06-02 plugin id 60982 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60982 title Scientific Linux Security Update : subversion on SL5.x i386/x86_64 NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2181.NASL description Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access. last seen 2020-03-17 modified 2011-03-07 plugin id 52548 published 2011-03-07 reporter This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52548 title Debian DSA-2181-1 : subversion - denial of service NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1096-1.NASL description Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 53220 published 2011-03-30 reporter Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53220 title Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : subversion vulnerability (USN-1096-1) NASL family SuSE Local Security Checks NASL id SUSE_CVS2SVN-7560.NASL description Subversion was updated to fix several security issues : - The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. (CVE-2011-1752) - The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. (CVE-2011-1783) - Remote attackers could crash an svn server by causing a NULL deref. (CVE-2011-0715) last seen 2020-06-01 modified 2020-06-02 plugin id 57173 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57173 title SuSE 10 Security Update : subversion (ZYPP Patch Number 7560) NASL family SuSE Local Security Checks NASL id SUSE_11_4_LIBSVN_AUTH_GNOME_KEYRING-1-0-110309.NASL description Remote attackers could crash an svn server by causing a NULL deref (CVE-2011-0715). last seen 2020-06-01 modified 2020-06-02 plugin id 75922 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75922 title openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0238-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-0328.NASL description From Red Hat Security Advisory 2011:0328 : Updated subversion packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. All Subversion users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68221 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68221 title Oracle Linux 6 : subversion (ELSA-2011-0328) NASL family Fedora Local Security Checks NASL id FEDORA_2011-2657.NASL description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) The Fedora Project would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. Several bugs are also fixed in this update : - more improvement to the last seen 2020-06-01 modified 2020-06-02 plugin id 52692 published 2011-03-17 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52692 title Fedora 14 : subversion-1.6.16-1.fc14 (2011-2657) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0327.NASL description Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. This update also fixes the following bug : * A regression was found in the handling of repositories which do not have a last seen 2020-06-01 modified 2020-06-02 plugin id 52594 published 2011-03-09 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52594 title RHEL 5 : subversion (RHSA-2011:0327) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_E27CA763472111E0BDC4001E8C75030D.NASL description Subversion project reports : Subversion HTTP servers up to 1.5.9 (inclusive) or 1.6.15 (inclusive) are vulnerable to a remotely triggerable NULL pointer dereference. last seen 2020-06-01 modified 2020-06-02 plugin id 52563 published 2011-03-07 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52563 title FreeBSD : subversion -- remote HTTP DoS vulnerability (e27ca763-4721-11e0-bdc4-001e8c75030d) NASL family Fedora Local Security Checks NASL id FEDORA_2011-3775.NASL description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) The Fedora Project would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. Several bugs are also fixed in this update : - more improvement to the last seen 2020-06-01 modified 2020-06-02 plugin id 52985 published 2011-03-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52985 title Fedora 15 : subversion-1.6.16-1.fc15 (2011-3775) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0328.NASL description Updated subversion packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. All Subversion users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 52595 published 2011-03-09 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52595 title RHEL 6 : subversion (RHSA-2011:0328) NASL family SuSE Local Security Checks NASL id SUSE_11_3_LIBSVN_AUTH_GNOME_KEYRING-1-0-110607.NASL description - CVE-2011-1752: The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users. - CVE-2011-0715: Remote attackers could crash an svn server by causing a NULL deref last seen 2020-06-01 modified 2020-06-02 plugin id 75617 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75617 title openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0693-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2011-0327.NASL description Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. This update also fixes the following bug : * A regression was found in the handling of repositories which do not have a last seen 2020-06-01 modified 2020-06-02 plugin id 53425 published 2011-04-15 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53425 title CentOS 5 : subversion (CESA-2011:0327) NASL family MacOS X Local Security Checks NASL id MACOSX_10_6_8.NASL description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.8. This update contains security-related fixes for the following components : - App Store - ATS - Certificate Trust Policy - CoreFoundation - CoreGraphics - FTP Server - ImageIO - International Components for Unicode - Kernel - Libsystem - libxslt - MobileMe - MySQL - OpenSSL - patch - QuickLook - QuickTime - Samba - servermgrd - subversion last seen 2020-06-01 modified 2020-06-02 plugin id 55416 published 2011-06-24 reporter This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55416 title Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2011-2698.NASL description A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) The Fedora Project would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. Several bugs are also fixed in this update : - more improvement to the last seen 2020-06-01 modified 2020-06-02 plugin id 52693 published 2011-03-17 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52693 title Fedora 13 : subversion-1.6.16-1.fc13 (2011-2698) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2011-070-01.NASL description New subversion packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 52635 published 2011-03-14 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52635 title Slackware 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : subversion (SSA:2011-070-01) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-0327.NASL description From Red Hat Security Advisory 2011:0327 : Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter. This update also fixes the following bug : * A regression was found in the handling of repositories which do not have a last seen 2020-06-01 modified 2020-06-02 plugin id 68220 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68220 title Oracle Linux 5 : subversion (ELSA-2011-0327)
Oval
| accepted | 2015-05-04T04:00:12.671-04:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| definition_extensions |
| ||||||||
| description | The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. | ||||||||
| family | windows | ||||||||
| id | oval:org.mitre.oval:def:18967 | ||||||||
| status | accepted | ||||||||
| submitted | 2013-10-02T13:00:00 | ||||||||
| title | Apache Subversion vulnerability before 1.6.16 in VisualSVN Server (CVE-2011-0715) | ||||||||
| version | 8 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://secunia.com/advisories/43583
- http://secunia.com/advisories/43603
- http://secunia.com/advisories/43672
- http://secunia.com/advisories/43794
- http://securitytracker.com/id?1025161
- http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.479953
- http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
- http://support.apple.com/kb/HT4723
- http://svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGES
- http://svn.apache.org/viewvc?view=revision&revision=1071239
- http://svn.apache.org/viewvc?view=revision&revision=1071307
- http://svn.haxx.se/dev/archive-2011-03/0122.shtml
- http://www.debian.org/security/2011/dsa-2181
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:067
- http://www.osvdb.org/70964
- http://www.securityfocus.com/bid/46734
- http://www.ubuntu.com/usn/USN-1096-1
- http://www.vupen.com/english/advisories/2011/0567
- http://www.vupen.com/english/advisories/2011/0568
- http://www.vupen.com/english/advisories/2011/0624
- http://www.vupen.com/english/advisories/2011/0660
- http://www.vupen.com/english/advisories/2011/0684
- http://www.vupen.com/english/advisories/2011/0776
- http://www.vupen.com/english/advisories/2011/0885
- https://bugzilla.redhat.com/show_bug.cgi?id=680755
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65876
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967
- https://rhn.redhat.com/errata/RHSA-2011-0327.html
- https://rhn.redhat.com/errata/RHSA-2011-0328.html