First published: Fri Jan 07 2011(Updated: )
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Subversion | =1.2.0 | |
Apache Subversion | =1.0.4 | |
Apache Subversion | =1.6.10 | |
Apache Subversion | =0.22.0 | |
Apache Subversion | =1.0.8 | |
Apache Subversion | =1.4.5 | |
Apache Subversion | =1.0.2 | |
Apache Subversion | =1.1.2 | |
Apache Subversion | =0.26.0 | |
Apache Subversion | =0.10.1 | |
Apache Subversion | =0.15 | |
Apache Subversion | =1.0.9 | |
Apache Subversion | =1.4.2 | |
Apache Subversion | =0.37.0 | |
Apache Subversion | =m2 | |
Apache Subversion | =1.6.2 | |
Apache Subversion | =0.9 | |
Apache Subversion | =0.7 | |
Apache Subversion | =0.19.0 | |
Apache Subversion | =0.22.2 | |
Apache Subversion | =0.12.0 | |
Apache Subversion | =1.5.5 | |
Apache Subversion | =1.6.5 | |
Apache Subversion | =0.13.1 | |
Apache Subversion | =1.1.1 | |
Apache Subversion | =0.19.1 | |
Apache Subversion | =1.5.3 | |
Apache Subversion | =1.2.3 | |
Apache Subversion | =0.20.0 | |
Apache Subversion | =1.4.0 | |
Apache Subversion | =0.14.5 | |
Apache Subversion | =0.24.0 | |
Apache Subversion | =1.4.4 | |
Apache Subversion | =1.5.7 | |
Apache Subversion | =0.21.0 | |
Apache Subversion | =0.14.0 | |
Apache Subversion | =0.17.0 | |
Apache Subversion | =1.4.6 | |
Apache Subversion | =1.3.1 | |
Apache Subversion | =0.14.3 | |
Apache Subversion | =1.6.3 | |
Apache Subversion | =1.6.8 | |
Apache Subversion | =0.18.1 | |
Apache Subversion | =0.35.0 | |
Apache Subversion | =0.30.0 | |
Apache Subversion | =0.18.0 | |
Apache Subversion | =1.6.13 | |
Apache Subversion | =0.17.1 | |
Apache Subversion | =1.0.3 | |
Apache Subversion | =0.28.0 | |
Apache Subversion | =0.33.1 | |
Apache Subversion | =0.27.0 | |
Apache Subversion | =0.10.0 | |
Apache Subversion | =1.6.0 | |
Apache Subversion | =1.1.4 | |
Apache Subversion | =1.5.8 | |
Apache Subversion | =0.10.2 | |
Apache Subversion | =1.5.2 | |
Apache Subversion | =0.25.0 | |
Apache Subversion | <=1.6.14 | |
Apache Subversion | =1.0.6 | |
Apache Subversion | =1.6.7 | |
Apache Subversion | =1.0.1 | |
Apache Subversion | =0.36.0 | |
Apache Subversion | =1.3.2 | |
Apache Subversion | =1.6.12 | |
Apache Subversion | =0.33.0 | |
Apache Subversion | =0.24.1 | |
Apache Subversion | =0.6 | |
Apache Subversion | =0.14.2 | |
Apache Subversion | =1.0.5 | |
Apache Subversion | =1.6.1 | |
Apache Subversion | =0.16 | |
Apache Subversion | =0.24.2 | |
Apache Subversion | =1.6.4 | |
Apache Subversion | =1.2.1 | |
Apache Subversion | =0.28.1 | |
Apache Subversion | =0.11.1 | |
Apache Subversion | =m1 | |
Apache Subversion | =0.13.0 | |
Apache Subversion | =0.28.2 | |
Apache Subversion | =0.22.1 | |
Apache Subversion | =1.4.3 | |
Apache Subversion | =0.16.1 | |
Apache Subversion | =0.23.0 | |
Apache Subversion | =1.5.4 | |
Apache Subversion | =1.3.0 | |
Apache Subversion | =0.34.0 | |
Apache Subversion | =0.13.2 | |
Apache Subversion | =0.35.1 | |
Apache Subversion | =m4\/m5 | |
Apache Subversion | =1.6.11 | |
Apache Subversion | =0.32.1 | |
Apache Subversion | =1.1.3 | |
Apache Subversion | =1.2.2 | |
Apache Subversion | =1.1.0 | |
Apache Subversion | =1.5.1 | |
Apache Subversion | =0.8 | |
Apache Subversion | =1.5.6 | |
Apache Subversion | =1.0.7 | |
Apache Subversion | =1.5.0 | |
Apache Subversion | =0.31.0 | |
Apache Subversion | =1.0.0 | |
Apache Subversion | =1.6.6 | |
Apache Subversion | =1.6.9 | |
Apache Subversion | =0.14.1 | |
Apache Subversion | =0.29.0 | |
Apache Subversion | =1.4.1 | |
Apache Subversion | =m3 | |
Apache Subversion | =0.14.4 | |
Apache Subversion | =0.20.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2010-4644 is rated as low with a score of 3.5.
To fix CVE-2010-4644, upgrade to Apache Subversion version 1.6.15 or later.
CVE-2010-4644 is caused by multiple memory leaks in rev_hunt.c that allow denial of service through excessive memory consumption.
CVE-2010-4644 affects remote authenticated users of Apache Subversion versions prior to 1.6.15.
The potential impacts of CVE-2010-4644 include memory consumption leading to daemon crashes and denial of service.