Vulnerability Name:

CVE-2004-0413 (CCN-16396)

Assigned:2004-06-11
Published:2004-06-11
Updated:2017-07-11
Summary:libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Full-Disclosure Mailing List, Thu Jun 10 2004 - 18:16:02 CDT
[ GLSA 200406-07 ] Subversion: Remote heap overflow

Source: MITRE
Type: CNA
CVE-2004-0413

Source: CONFIRM
Type: UNKNOWN
http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt

Source: CCN
Type: Subversion Web site
subversion: Documents & files: Source tarballs

Source: CCN
Type: GLSA-200406-07
Subversion: Remote heap overflow

Source: GENTOO
Type: Vendor Advisory
GLSA-200406-07

Source: SUSE
Type: UNKNOWN
SuSE-SA:2004:018

Source: CCN
Type: OpenPKG-SA-2004.028
Subversion

Source: CCN
Type: OSVDB ID: 6935
Subversion (SVN) svnserver svn:// Protocol Handler Remote Overflow

Source: FEDORA
Type: UNKNOWN
FEDORA-2004-165

Source: BUGTRAQ
Type: UNKNOWN
20041012 [FMADV] Subversion <= 1.04 Heap Overflow

Source: BID
Type: Patch, Vendor Advisory
10519

Source: CCN
Type: BID-10519
Subversion SVN Protocol Parser Remote Integer Overflow Vulnerability

Source: FEDORA
Type: UNKNOWN
FLSA:1748

Source: XF
Type: UNKNOWN
subversion-svn-bo(16396)

Source: XF
Type: UNKNOWN
subversion-svn-bo(16396)

Source: SUSE
Type: SUSE-SA:2004:018
subversion: remote system compromise

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openpkg:openpkg:*:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:subversion:subversion:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:subversion:subversion:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:subversion:subversion:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:subversion:subversion:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:subversion:subversion:1.0.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    openpkg openpkg *
    openpkg openpkg 2.0
    subversion subversion 1.0
    subversion subversion 1.0.1
    subversion subversion 1.0.2
    subversion subversion 1.0.3
    subversion subversion 1.0.4