Wind River Support Network

HomeDefectsLIN8-3523
Fixed

LIN8-3523 : Security Advisory - subversion - CVE-2016-2168

Created: May 17, 2016    Updated: Dec 3, 2018
Resolved Date: Jul 20, 2016
Found In Version: 8.0
Fix Version: 8.0.0.8
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.<a href=http://cwe.mitre.org/data/definitions/476.html>CWE-476: NULL Pointer Dereference</a>

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2168

Other Downloads


CVEs


Live chat
Online