FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-17 11:57:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e27ca763-4721-11e0-bdc4-001e8c75030d	subversion -- remote HTTP DoS vulnerability Subversion project reports: Subversion HTTP servers up to 1.5.9 (inclusive) or 1.6.15 (inclusive) are vulnerable to a remotely triggerable NULL-pointer dereference. Discovery 2011-02-27 Entry 2011-03-05 subversion ge 1.6 le 1.6.15 ge 1.5 le 1.6.9 subversion-freebsd ge 1.6 le 1.6.15 ge 1.5 le 1.6.9 CVE-2011-0715
e27a1af3-8d21-11e0-a45d-001e8c75030d	Subversion -- multiple vulnerabilities Subversion team reports: Subversion's mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources. This can lead to a DoS. An exploit has been tested, and tools or users have been observed triggering this problem in the wild. Subversion's mod_dav_svn Apache HTTPD server module may in certain scenarios enter a logic loop which does not exit and which allocates memory in each iteration, ultimately exhausting all the available memory on the server. This can lead to a DoS. There are no known instances of this problem being observed in the wild, but an exploit has been tested. Subversion's mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users. There are no known instances of this problem being observed in the wild, but an exploit has been tested. Discovery 2011-05-28 Entry 2011-06-02 subversion < 1.6.17 subversion-freebsd < 1.6.17 CVE-2011-1752 CVE-2011-1783 CVE-2011-1921
71612099-1e93-11e0-a587-001b77d09812	subversion -- multiple DoS Entry for CVE-2010-4539 says: The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections. Entry for CVE-2010-4644 says: Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. Discovery 2011-01-02 Entry 2011-01-13 subversion < 1.6.15 subversion-freebsd < 1.6.15 45655 CVE-2010-4539 CVE-2010-4644

VuXML ID

Description

e27ca763-4721-11e0-bdc4-001e8c75030d

subversion -- remote HTTP DoS vulnerability

Subversion project reports:

Subversion HTTP servers up to 1.5.9 (inclusive) or 1.6.15 (inclusive) are vulnerable to a remotely triggerable NULL-pointer dereference.

Discovery 2011-02-27
Entry 2011-03-05
subversion

ge 1.6 le 1.6.15

ge 1.5 le 1.6.9

subversion-freebsd

ge 1.6 le 1.6.15

ge 1.5 le 1.6.9

CVE-2011-0715

e27a1af3-8d21-11e0-a45d-001e8c75030d

Subversion -- multiple vulnerabilities

Subversion team reports:

Subversion's mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources.

This can lead to a DoS. An exploit has been tested, and tools or users have been observed triggering this problem in the wild.

Subversion's mod_dav_svn Apache HTTPD server module may in certain scenarios enter a logic loop which does not exit and which allocates memory in each iteration, ultimately exhausting all the available memory on the server.

This can lead to a DoS. There are no known instances of this problem being observed in the wild, but an exploit has been tested.

Subversion's mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users.

There are no known instances of this problem being observed in the wild, but an exploit has been tested.

Discovery 2011-05-28
Entry 2011-06-02
subversion

< 1.6.17

subversion-freebsd

< 1.6.17

CVE-2011-1752
CVE-2011-1783
CVE-2011-1921

71612099-1e93-11e0-a587-001b77d09812

subversion -- multiple DoS

Entry for CVE-2010-4539 says:

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

Entry for CVE-2010-4644 says:

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

Discovery 2011-01-02
Entry 2011-01-13
subversion

< 1.6.15

subversion-freebsd

< 1.6.15

45655
CVE-2010-4539
CVE-2010-4644