Rewterz Threat Advisory – Linux Kernel denial of service
February 11, 2021Rewterz Threat Advisory – Windows Win32k Elevation of Privilege Vulnerability
February 11, 2021Rewterz Threat Advisory – Linux Kernel denial of service
February 11, 2021Rewterz Threat Advisory – Windows Win32k Elevation of Privilege Vulnerability
February 11, 2021Severity
High
Analysis Summary
CVE-2020-17525
Apache Subversion is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the mod_authz_svn module to crash, and results in a denial of service condition.
Impact
Denial of Service
Affected Vendors
Apache
Affected Products
- Apache Subversion 0.14.0
- Apache Subversion 1.10.0
Remediation
Upgrade to the latest version of Subversion (1.10.7, 1.14.1 or later).