CVE-2013-1845: Buffer Overflow
First published: Fri Mar 29 2013(Updated: )
It was found that Subversion's mod_dav_svn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. Setting or deleting a large number of properties on a node (file or directory) will result in a large amount of memory use. Due to the memory pooling behavior of Apache httpd and Subversion the completion of the request will not result in the immediate release of memory used. Repeated commits with the same properties will result in each httpd process plateauing out at some amount of memory. This could result in a Denial of Service if the system is exhausted of all available memory. Acknowledgements: Red Hat would like to thank the Apache Subversion project for reporting this issue. Upstream acknowledges Alexander Klink as the original reporter of this flaw.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/Subversion | <1.6.21 | 1.6.21 |
| redhat/Subversion | <1.7.9 | 1.7.9 |
| Subversion | =1.6.0 | |
| Subversion | =1.6.1 | |
| Subversion | =1.6.2 | |
| Subversion | =1.6.3 | |
| Subversion | =1.6.4 | |
| Subversion | =1.6.5 | |
| Subversion | =1.6.6 | |
| Subversion | =1.6.7 | |
| Subversion | =1.6.8 | |
| Subversion | =1.6.9 | |
| Subversion | =1.6.10 | |
| Subversion | =1.6.11 | |
| Subversion | =1.6.12 | |
| Subversion | =1.6.13 | |
| Subversion | =1.6.14 | |
| Subversion | =1.6.15 | |
| Subversion | =1.6.16 | |
| Subversion | =1.6.17 | |
| Subversion | =1.6.18 | |
| Subversion | =1.6.19 | |
| Subversion | =1.6.20 | |
| Subversion | =1.7.0 | |
| Subversion | =1.7.1 | |
| Subversion | =1.7.2 | |
| Subversion | =1.7.3 | |
| Subversion | =1.7.4 | |
| Subversion | =1.7.5 | |
| Subversion | =1.7.6 | |
| Subversion | =1.7.7 | |
| Subversion | =1.7.8 | |
| SUSE Linux | =12.1 | |
| SUSE Linux | =12.2 | |
| SUSE Linux | =12.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-updates/2013-04/msg00095.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00069.html
- http://mail-archives.apache.org/mod_mbox/subversion-announce/201304.mbox/%3CCADkdwvRoyVrZV12tgC0FMGrc6%2BMisd3qTcZ%2BDdpFGgTahkgAkQ%40mail.gmail.com%3E
- http://mail-archives.apache.org/mod_mbox/subversion-announce/201304.mbox/%3CCADkdwvSTMLbn4q_KM3Ph2UOeSiPGhEK4%3DSvwEjaHW_GUGkYWPQ%40mail.gmail.com%3E
- http://rhn.redhat.com/errata/RHSA-2013-0737.html
- http://subversion.apache.org/security/CVE-2013-1845-advisory.txt
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:153
- http://www.ubuntu.com/usn/USN-1893-1
- https://bugzilla.redhat.com/show_bug.cgi?id=929082
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18973
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=717966&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=717966&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=717967&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=717967&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=948813
- https://rhn.redhat.com/errata/RHSA-2013-0737.html
Frequently Asked Questions
What is the severity of CVE-2013-1845?
CVE-2013-1845 is classified as a vulnerability that can lead to a denial of service due to excessive memory usage.
How do I fix CVE-2013-1845?
To fix CVE-2013-1845, upgrade Subversion to versions 1.6.21 or later, or 1.7.9 or later.
Which versions of Subversion are affected by CVE-2013-1845?
CVE-2013-1845 affects Subversion versions prior to 1.6.21 and 1.7.9.
What type of attack can exploit CVE-2013-1845?
CVE-2013-1845 can be exploited through a denial of service attack by setting or deleting a large number of properties on a node.
Is there a specific software that is vulnerable to CVE-2013-1845?
Yes, the Apache HTTPD server module mod_dav_svn within Subversion is vulnerable to CVE-2013-1845.
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-1845
- agent/software-canonical-lookup
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/apache
- canonical/subversion
- version/subversion/1.6.0
- version/subversion/1.6.1
- version/subversion/1.6.2
- version/subversion/1.6.3
- version/subversion/1.6.4
- version/subversion/1.6.5
- version/subversion/1.6.6
- version/subversion/1.6.7
- version/subversion/1.6.8
- version/subversion/1.6.9
- version/subversion/1.6.10
- version/subversion/1.6.11
- version/subversion/1.6.12
- version/subversion/1.6.13
- version/subversion/1.6.14
- version/subversion/1.6.15
- version/subversion/1.6.16
- version/subversion/1.6.17
- version/subversion/1.6.18
- version/subversion/1.6.19
- version/subversion/1.6.20
- version/subversion/1.7.0
- version/subversion/1.7.1
- version/subversion/1.7.2
- version/subversion/1.7.3
- version/subversion/1.7.4
- version/subversion/1.7.5
- version/subversion/1.7.6
- version/subversion/1.7.7
- version/subversion/1.7.8
- vendor/opensuse
- canonical/suse linux
- version/suse linux/12.1
- version/suse linux/12.2
- version/suse linux/12.3