Apache.Subversion.mod_authz_svn.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in Apache Subversion.
The vulnerability is due to improper handling of requests when the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. A remote, unauthenticated attacker can exploit this vulnerability by sending a request to a non-exiting repository which results in a denial of service conditions.
Affected Products
mod_dav_svn+mod_authz_svn servers 1.9.0 through 1.10.6.
mod_dav_svn+mod_authz_svn servers 1.11.0 through 1.14.0.
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://subversion.apache.org/packages.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-07-20 | 21.360 | Sig Added |
2022-02-07 | 19.254 | Default_action:pass:drop |
2022-01-26 | 19.248 |