Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1752

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1752
Last Modified 02 Nov 2013 11:13:08
Published 06 Jun 2011 03:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1752

Summary

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

Vulnerable Systems

Application

  • Apache Http Server

  • Apache Subversion 0.10.0

  • Apache Subversion 0.10.1

  • Apache Subversion 0.10.2

  • Apache Subversion 0.11.1

  • Apache Subversion 0.12.0

  • Apache Subversion 0.13.0

  • Apache Subversion 0.13.1

  • Apache Subversion 0.13.2

  • Apache Subversion 0.14.0

  • Apache Subversion 0.14.1

  • Apache Subversion 0.14.2

  • Apache Subversion 0.14.3

  • Apache Subversion 0.14.4

  • Apache Subversion 0.14.5

  • Apache Subversion 0.15

  • Apache Subversion 0.16

  • Apache Subversion 0.16.1

  • Apache Subversion 0.17.0

  • Apache Subversion 0.17.1

  • Apache Subversion 0.18.0

  • Apache Subversion 0.18.1

  • Apache Subversion 0.19.0

  • Apache Subversion 0.19.1

  • Apache Subversion 0.20.0

  • Apache Subversion 0.20.1

  • Apache Subversion 0.21.0

  • Apache Subversion 0.22.0

  • Apache Subversion 0.22.1

  • Apache Subversion 0.22.2

  • Apache Subversion 0.23.0

  • Apache Subversion 0.24.0

  • Apache Subversion 0.24.1

  • Apache Subversion 0.24.2

  • Apache Subversion 0.25.0

  • Apache Subversion 0.26.0

  • Apache Subversion 0.27.0

  • Apache Subversion 0.28.0

  • Apache Subversion 0.28.1

  • Apache Subversion 0.28.2

  • Apache Subversion 0.29.0

  • Apache Subversion 0.30.0

  • Apache Subversion 0.31.0

  • Apache Subversion 0.32.1

  • Apache Subversion 0.33.0

  • Apache Subversion 0.33.1

  • Apache Subversion 0.34.0

  • Apache Subversion 0.35.0

  • Apache Subversion 0.35.1

  • Apache Subversion 0.36.0

  • Apache Subversion 0.37.0

  • Apache Subversion 0.6

  • Apache Subversion 0.7

  • Apache Subversion 0.8

  • Apache Subversion 0.9

  • Apache Subversion 1.0.0

  • Apache Subversion 1.0.1

  • Apache Subversion 1.0.2

  • Apache Subversion 1.0.3

  • Apache Subversion 1.0.4

  • Apache Subversion 1.0.5

  • Apache Subversion 1.0.6

  • Apache Subversion 1.0.7

  • Apache Subversion 1.0.8

  • Apache Subversion 1.0.9

  • Apache Subversion 1.1.0

  • Apache Subversion 1.1.1

  • Apache Subversion 1.1.2

  • Apache Subversion 1.1.3

  • Apache Subversion 1.1.4

  • Apache Subversion 1.2.0

  • Apache Subversion 1.2.1

  • Apache Subversion 1.2.2

  • Apache Subversion 1.2.3

  • Apache Subversion 1.3.0

  • Apache Subversion 1.3.1

  • Apache Subversion 1.3.2

  • Apache Subversion 1.4.0

  • Apache Subversion 1.4.1

  • Apache Subversion 1.4.2

  • Apache Subversion 1.4.3

  • Apache Subversion 1.4.4

  • Apache Subversion 1.4.5

  • Apache Subversion 1.4.6

  • Apache Subversion 1.5.0

  • Apache Subversion 1.5.1

  • Apache Subversion 1.5.2

  • Apache Subversion 1.5.3

  • Apache Subversion 1.5.4

  • Apache Subversion 1.5.5

  • Apache Subversion 1.5.6

  • Apache Subversion 1.5.7

  • Apache Subversion 1.5.8

  • Apache Subversion 1.6.0

  • Apache Subversion 1.6.1

  • Apache Subversion 1.6.10

  • Apache Subversion 1.6.11

  • Apache Subversion 1.6.12

  • Apache Subversion 1.6.13

  • Apache Subversion 1.6.14

  • Apache Subversion 1.6.15

  • Apache Subversion 1.6.16

  • Apache Subversion 1.6.2

  • Apache Subversion 1.6.3

  • Apache Subversion 1.6.4

  • Apache Subversion 1.6.5

  • Apache Subversion 1.6.6

  • Apache Subversion 1.6.7

  • Apache Subversion 1.6.8

  • Apache Subversion 1.6.9

  • Apache Subversion M1

  • Apache Subversion M2

  • Apache Subversion M3

  • Apache Subversion M4%2fm5


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=709111

UBUNTU - USN-1144-1

SECTRACK - 1025617

BID - 48091

REDHAT - RHSA-2011:0862

REDHAT - RHSA-2011:0861

MANDRIVA - MDVSA-2011:106

DEBIAN - DSA-2251

CONFIRM - http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES

CONFIRM - http://subversion.apache.org/security/CVE-2011-1752-advisory.txt

SECUNIA - 45162

SECUNIA - 44888

SECUNIA - 44879

SECUNIA - 44849

SECUNIA - 44681

SECUNIA - 44633

FEDORA - FEDORA-2011-8352

FEDORA - FEDORA-2011-8341

CONFIRM - http://support.apple.com/kb/HT5130

APPLE - APPLE-SA-2012-02-01-1

Related Patches

Apple 2012-02-01 Mac OS X Server 10.7.3 Update

Apple 2012-02-01 Mac OS X 10.7.3 Update

Apple 2012-02-01 Mac OS X Server 10.7.3 Combo Update

Apple 2012-02-01 Mac OS X 10.7.3 Combo Update

Apple 2012-02-01 Security Update 2012-001 v1.1 Server (Snow Leopard)

Apple 2012-02-01 Security Update 2012-001 v1.1 (Snow Leopard)

Red Hat 2011:0862-01 RHSA Moderate: subversion security update for RHEL 5 x86


Last Updated: 27 May 2016 10:58:08