FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

subversion -- multiple vulnerabilities

Affected packages
1.9.0 <= subversion < 1.9.4
1.0.0 <= subversion < 1.8.15
1.0.0 <= subversion18 < 1.8.15

Details

VuXML ID c8174b63-0d3a-11e6-b06e-d43d7eed0ce2
Discovery 2016-04-21
Entry 2016-04-28

Subversion project reports:

svnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption. Due to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.

Subversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value.

This allows remote attackers to cause a denial of service.
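The realm check described in the first paragraph of the quoted report, as an added illustration in C (not Subversion's code, which this page does not show): a comparison whose length is taken from the client-supplied string accepts any prefix of the expected realm, while the corrected form requires equal length and identical bytes. The function names, the sample realm and the exact form of the flawed comparison are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample value; not taken from the advisory. */
static const char *EXPECTED_REALM = "svn.example.org";

/* Flawed (hypothetical reconstruction): the comparison length comes from the
 * client-supplied string, so any prefix of the expected realm compares equal,
 * including the empty string. */
static int realm_ok_flawed(const char *expected, const char *supplied)
{
    return strncmp(expected, supplied, strlen(supplied)) == 0;
}

/* Corrected: both lengths must match before the bytes are compared. */
static int realm_ok_exact(const char *expected, const char *supplied)
{
    size_t n = strlen(expected);
    return strlen(supplied) == n && memcmp(expected, supplied, n) == 0;
}

/* Counts how many candidates a checker accepts; usable as a regression test. */
static int count_accepted(int (*check)(const char *, const char *),
                          const char *const *candidates, size_t n)
{
    int accepted = 0;
    for (size_t i = 0; i < n; i++)
        accepted += check(EXPECTED_REALM, candidates[i]) ? 1 : 0;
    return accepted;
}

/* Constructed inputs covering the exact, prefix, empty and mismatch cases. */
static const char *const CANDIDATES[] = {
    "svn.example.org",       /* exact match */
    "svn.example",           /* prefix */
    "svn",                   /* shorter prefix */
    "",                      /* empty string is also a prefix */
    "svn.example.org.extra", /* longer than expected */
    "git.example.org",       /* different realm */
};

int main(void)
{
    size_t n = sizeof CANDIDATES / sizeof CANDIDATES[0];
    printf("flawed accepts %d of %zu\n", count_accepted(realm_ok_flawed, CANDIDATES, n), n);
    printf("exact  accepts %d of %zu\n", count_accepted(realm_ok_exact, CANDIDATES, n), n);
    return 0;
}
```
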

References

CVE Name CVE-2016-2167
CVE Name CVE-2016-2168
URL http://subversion.apache.org/security/CVE-2016-2167-advisory.txt
URL http://subversion.apache.org/security/CVE-2016-2168-advisory.txt