FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

subversion -- remotely triggerable "Assertion failed" DoS vulnerability or read overflow.

Affected packages
1.8.0 <= subversion < 1.8.1
1.7.0 <= subversion < 1.7.11

Details

VuXML ID 2ae24334-f2e6-11e2-8346-001e8c75030d
Discovery 2013-07-19
Entry 2013-07-24
Modified 2013-07-25

Subversion Project reports:

Subversion's mod_dav_svn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT (or equivalent) or undefined behavior.

Commit access is required to exploit this.

References

CVE Name CVE-2013-4131
URL http://subversion.apache.org/security/CVE-2013-4131-advisory.txt