Wind River Support Network

HomeDefectsLIN6-5087

Fixed

LIN6-5087 : Security Advisory - apache - CVE-2013-1849

Created: May 14, 2013 Updated: Dec 3, 2018

Resolved Date: Apr 3, 2014

Previous ID: LIN3-9190

Found In Version: 6.0

Fix Version: 6.0.0.6

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.Per: http://cwe.mitre.org/data/definitions/476.html

'CWE-476: NULL Pointer Dereference'

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1849

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38