cvelistv5 - cve-2013-4505

cve-2013-4505

Vulnerability from cvelistv5

Published

2013-12-07 20:00

Modified

2024-08-06 16:45

Severity ?

Summary

The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html
secalert@redhat.com	http://osvdb.org/100364
secalert@redhat.com	http://secunia.com/advisories/55855	Vendor Advisory
secalert@redhat.com	http://subversion.apache.org/security/CVE-2013-4505-advisory.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/100364
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/55855	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://subversion.apache.org/security/CVE-2013-4505-advisory.txt	Patch, Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:45:14.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55855"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
          },
          {
            "name": "100364",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/100364"
          },
          {
            "name": "openSUSE-SU-2013:1836",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
          },
          {
            "name": "openSUSE-SU-2013:1860",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-11-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-12-17T15:57:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "55855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55855"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
        },
        {
          "name": "100364",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/100364"
        },
        {
          "name": "openSUSE-SU-2013:1836",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
        },
        {
          "name": "openSUSE-SU-2013:1860",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4505",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55855"
            },
            {
              "name": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt",
              "refsource": "CONFIRM",
              "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
            },
            {
              "name": "100364",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/100364"
            },
            {
              "name": "openSUSE-SU-2013:1836",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
            },
            {
              "name": "openSUSE-SU-2013:1860",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4505",
    "datePublished": "2013-12-07T20:00:00",
    "dateReserved": "2013-06-12T00:00:00",
    "dateUpdated": "2024-08-06T16:45:14.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:mod_dontdothat:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A25A7E22-19B7-4A4A-97D3-655434BC242F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13109084-931E-4565-BEE5-794B83E6978D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"726B9C10-ACD5-41C2-A552-FD0046A75966\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87D72A75-EDB9-4AD1-B6FC-8A918804DE0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B55A7A26-C994-4956-BBE7-BF3A51971295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB9E26AB-915A-477F-BA5C-10965A7098F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFD49A9B-16A7-4362-8D62-6EB5ECBE4296\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B0CB798-F4ED-44E5-9B15-B7009EAC6303\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67130DAF-AE81-43D2-A208-58A53746A7E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB9F8426-38CB-46B4-B0D0-8D16B48DD53F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90631FFA-9AB2-483D-B162-31A47428D280\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BD5A981-3FDD-4E74-8EB2-5F324246FFF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"341F900B-5179-4CB4-9F41-91B58B29C414\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F34F463-6350-4F48-B037-856DDBB1A4FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2C813BA-B8F9-446B-A07F-B51F26815578\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DF4080D-0D95-429E-88AA-1051A5520C01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF50F098-A055-4B79-AC35-6BD6F32D70F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"540461D4-87F4-42AB-ADDC-C7A067FE2893\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E676744-C623-4894-8764-43588E56D2FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"669735D1-1C14-4CD7-AA7C-AD2CA63A1979\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4C568FD-54BC-4506-AF60-BFE7CE14D0F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5F71F24-D909-49D9-8B4F-FA757FDF1C25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"034D1C36-B73E-443E-A6B4-44CC6E7BC043\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D373245-8384-45E4-BE2E-E0518BD7F84F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EED44413-D313-4588-9A4B-25F79D0925A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C193EB08-BBC2-43A2-B11A-9C7E2098862D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"022A5BCE-A1DC-48E2-829D-AD9261562095\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"155F83A1-A04A-48C0-A801-B38F129F310F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"302DC06D-5FB1-4EF9-B5E1-6407B88D65FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27A15D05-29BA-4CCC-9348-A516E1E2C079\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2004B474-9869-445D-957D-20EF254FB461\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F91A5E0-0DD8-47DD-B52E-A15E8064945F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C34BE8D-6DFF-4E57-971C-8CCEF13E6500\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3194C6CE-3E8A-4861-AED1-942824974AE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D102460-B5D5-46C4-8021-7C3510A5FCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92265E60-7BBF-4E8E-A438-4132D8FD57BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"346DE008-472F-47E1-8B96-F968C7D0A003\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C9BDB22-29E0-48A3-8765-FAC6A3442A35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F63AB9E5-FD99-40A8-B24F-623BDDBCA427\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0B873C1-E7D6-4E55-A5A7-85000B686071\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87D2E8DD-4225-476A-AF17-7621C9A28391\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40D913E2-0FBD-4F6C-8A21-43A0681237BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B869CEB-7637-48C3-8A4C-171CFB766B97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75CF5BC1-7071-48A3-86A9-C843485CAED5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A57A3347-6C48-4803-AB4E-A4BC0E6BFA41\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n is_this_legal en mod_dontdothat para Apache Subversion 1.4.0 a 1.7.13 y 1.8.0 a 1.8.4 permite a atacantes remotos sortear restricciones de acceso intencionadas y posiblemente causar denegaci\\u00f3n de servicio (consumo de recursos) a trav\\u00e9s de URL relativas en una petici\\u00f3n REPORT.\"}]",
      "id": "CVE-2013-4505",
      "lastModified": "2024-11-21T01:55:42.063",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 4.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-12-07T20:55:02.540",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://osvdb.org/100364\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/55855\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://subversion.apache.org/security/CVE-2013-4505-advisory.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/100364\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/55855\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://subversion.apache.org/security/CVE-2013-4505-advisory.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4505\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-12-07T20:55:02.540\",\"lastModified\":\"2024-11-21T01:55:42.063\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n is_this_legal en mod_dontdothat para Apache Subversion 1.4.0 a 1.7.13 y 1.8.0 a 1.8.4 permite a atacantes remotos sortear restricciones de acceso intencionadas y posiblemente causar denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de URL relativas en una petici\u00f3n REPORT.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:N/I:N/A:P\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mod_dontdothat:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A25A7E22-19B7-4A4A-97D3-655434BC242F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13109084-931E-4565-BEE5-794B83E6978D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"726B9C10-ACD5-41C2-A552-FD0046A75966\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87D72A75-EDB9-4AD1-B6FC-8A918804DE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B55A7A26-C994-4956-BBE7-BF3A51971295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB9E26AB-915A-477F-BA5C-10965A7098F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD49A9B-16A7-4362-8D62-6EB5ECBE4296\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B0CB798-F4ED-44E5-9B15-B7009EAC6303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67130DAF-AE81-43D2-A208-58A53746A7E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB9F8426-38CB-46B4-B0D0-8D16B48DD53F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90631FFA-9AB2-483D-B162-31A47428D280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BD5A981-3FDD-4E74-8EB2-5F324246FFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"341F900B-5179-4CB4-9F41-91B58B29C414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F34F463-6350-4F48-B037-856DDBB1A4FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C813BA-B8F9-446B-A07F-B51F26815578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DF4080D-0D95-429E-88AA-1051A5520C01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF50F098-A055-4B79-AC35-6BD6F32D70F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"540461D4-87F4-42AB-ADDC-C7A067FE2893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E676744-C623-4894-8764-43588E56D2FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"669735D1-1C14-4CD7-AA7C-AD2CA63A1979\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4C568FD-54BC-4506-AF60-BFE7CE14D0F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F71F24-D909-49D9-8B4F-FA757FDF1C25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"034D1C36-B73E-443E-A6B4-44CC6E7BC043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D373245-8384-45E4-BE2E-E0518BD7F84F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EED44413-D313-4588-9A4B-25F79D0925A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C193EB08-BBC2-43A2-B11A-9C7E2098862D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022A5BCE-A1DC-48E2-829D-AD9261562095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155F83A1-A04A-48C0-A801-B38F129F310F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"302DC06D-5FB1-4EF9-B5E1-6407B88D65FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A15D05-29BA-4CCC-9348-A516E1E2C079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2004B474-9869-445D-957D-20EF254FB461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F91A5E0-0DD8-47DD-B52E-A15E8064945F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C34BE8D-6DFF-4E57-971C-8CCEF13E6500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3194C6CE-3E8A-4861-AED1-942824974AE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D102460-B5D5-46C4-8021-7C3510A5FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92265E60-7BBF-4E8E-A438-4132D8FD57BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"346DE008-472F-47E1-8B96-F968C7D0A003\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C9BDB22-29E0-48A3-8765-FAC6A3442A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63AB9E5-FD99-40A8-B24F-623BDDBCA427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0B873C1-E7D6-4E55-A5A7-85000B686071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87D2E8DD-4225-476A-AF17-7621C9A28391\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D913E2-0FBD-4F6C-8A21-43A0681237BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B869CEB-7637-48C3-8A4C-171CFB766B97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75CF5BC1-7071-48A3-86A9-C843485CAED5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A57A3347-6C48-4803-AB4E-A4BC0E6BFA41\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/100364\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/55855\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://subversion.apache.org/security/CVE-2013-4505-advisory.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/100364\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/55855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://subversion.apache.org/security/CVE-2013-4505-advisory.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

cve-2013-4505

Vulnerability from fkie_nvd

Published

2013-12-07 20:55

Modified

2024-11-21 01:55

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html
secalert@redhat.com	http://osvdb.org/100364
secalert@redhat.com	http://secunia.com/advisories/55855	Vendor Advisory
secalert@redhat.com	http://subversion.apache.org/security/CVE-2013-4505-advisory.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/100364
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/55855	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://subversion.apache.org/security/CVE-2013-4505-advisory.txt	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
apache	mod_dontdothat	-
apache	subversion	1.4.0
apache	subversion	1.4.1
apache	subversion	1.4.2
apache	subversion	1.4.3
apache	subversion	1.4.4
apache	subversion	1.4.5
apache	subversion	1.4.6
apache	subversion	1.5.0
apache	subversion	1.5.1
apache	subversion	1.5.2
apache	subversion	1.5.3
apache	subversion	1.5.4
apache	subversion	1.5.5
apache	subversion	1.5.6
apache	subversion	1.5.7
apache	subversion	1.5.8
apache	subversion	1.6.0
apache	subversion	1.6.1
apache	subversion	1.6.2
apache	subversion	1.6.3
apache	subversion	1.6.4
apache	subversion	1.6.5
apache	subversion	1.6.6
apache	subversion	1.6.7
apache	subversion	1.6.8
apache	subversion	1.6.9
apache	subversion	1.6.10
apache	subversion	1.6.11
apache	subversion	1.6.12
apache	subversion	1.6.13
apache	subversion	1.6.14
apache	subversion	1.6.15
apache	subversion	1.6.16
apache	subversion	1.6.17
apache	subversion	1.6.18
apache	subversion	1.6.19
apache	subversion	1.6.20
apache	subversion	1.6.21
apache	subversion	1.6.23
apache	subversion	1.7.0
apache	subversion	1.7.1
apache	subversion	1.7.2
apache	subversion	1.7.3
apache	subversion	1.7.4
apache	subversion	1.7.5
apache	subversion	1.7.6
apache	subversion	1.7.7
apache	subversion	1.7.8
apache	subversion	1.7.9
apache	subversion	1.7.10
apache	subversion	1.7.11
apache	subversion	1.7.12
apache	subversion	1.8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:mod_dontdothat:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25A7E22-19B7-4A4A-97D3-655434BC242F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13109084-931E-4565-BEE5-794B83E6978D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "726B9C10-ACD5-41C2-A552-FD0046A75966",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55A7A26-C994-4956-BBE7-BF3A51971295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB9E26AB-915A-477F-BA5C-10965A7098F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B0CB798-F4ED-44E5-9B15-B7009EAC6303",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "67130DAF-AE81-43D2-A208-58A53746A7E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90631FFA-9AB2-483D-B162-31A47428D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "341F900B-5179-4CB4-9F41-91B58B29C414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F34F463-6350-4F48-B037-856DDBB1A4FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C813BA-B8F9-446B-A07F-B51F26815578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DF4080D-0D95-429E-88AA-1051A5520C01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF50F098-A055-4B79-AC35-6BD6F32D70F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "540461D4-87F4-42AB-ADDC-C7A067FE2893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E676744-C623-4894-8764-43588E56D2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "669735D1-1C14-4CD7-AA7C-AD2CA63A1979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F71F24-D909-49D9-8B4F-FA757FDF1C25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "034D1C36-B73E-443E-A6B4-44CC6E7BC043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D373245-8384-45E4-BE2E-E0518BD7F84F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED44413-D313-4588-9A4B-25F79D0925A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C193EB08-BBC2-43A2-B11A-9C7E2098862D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "022A5BCE-A1DC-48E2-829D-AD9261562095",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "155F83A1-A04A-48C0-A801-B38F129F310F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A15D05-29BA-4CCC-9348-A516E1E2C079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "2004B474-9869-445D-957D-20EF254FB461",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F91A5E0-0DD8-47DD-B52E-A15E8064945F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "3194C6CE-3E8A-4861-AED1-942824974AE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D102460-B5D5-46C4-8021-7C3510A5FCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92265E60-7BBF-4E8E-A438-4132D8FD57BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "346DE008-472F-47E1-8B96-F968C7D0A003",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9BDB22-29E0-48A3-8765-FAC6A3442A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F63AB9E5-FD99-40A8-B24F-623BDDBCA427",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B873C1-E7D6-4E55-A5A7-85000B686071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D2E8DD-4225-476A-AF17-7621C9A28391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D913E2-0FBD-4F6C-8A21-43A0681237BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B869CEB-7637-48C3-8A4C-171CFB766B97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "75CF5BC1-7071-48A3-86A9-C843485CAED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n is_this_legal en mod_dontdothat para Apache Subversion 1.4.0 a 1.7.13 y 1.8.0 a 1.8.4 permite a atacantes remotos sortear restricciones de acceso intencionadas y posiblemente causar denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de URL relativas en una petici\u00f3n REPORT."
    }
  ],
  "id": "CVE-2013-4505",
  "lastModified": "2024-11-21T01:55:42.063",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-12-07T20:55:02.540",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/100364"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55855"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/100364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-cr4v-cvvq-g798

Vulnerability from github

Published

2022-05-17 04:56

Modified

2022-05-17 04:56

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4505"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-12-07T20:55:00Z",
    "severity": "LOW"
  },
  "details": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.",
  "id": "GHSA-cr4v-cvvq-g798",
  "modified": "2022-05-17T04:56:00Z",
  "published": "2022-05-17T04:56:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4505"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/100364"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/55855"
    },
    {
      "type": "WEB",
      "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2013-4505

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-4505

Aliases

CVE-2013-4505

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4505",
    "description": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.",
    "id": "GSD-2013-4505",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-4505.html",
      "https://advisories.mageia.org/CVE-2013-4505.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2013-4505.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4505"
      ],
      "details": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.",
      "id": "GSD-2013-4505",
      "modified": "2023-12-13T01:22:16.514289Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-4505",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "55855",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/55855"
          },
          {
            "name": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt",
            "refsource": "CONFIRM",
            "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
          },
          {
            "name": "100364",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/100364"
          },
          {
            "name": "openSUSE-SU-2013:1836",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
          },
          {
            "name": "openSUSE-SU-2013:1860",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:mod_dontdothat:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4505"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55855",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/55855"
            },
            {
              "name": "100364",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/100364"
            },
            {
              "name": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://subversion.apache.org/security/CVE-2013-4505-advisory.txt"
            },
            {
              "name": "openSUSE-SU-2013:1860",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00048.html"
            },
            {
              "name": "openSUSE-SU-2013:1836",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-12-20T04:36Z",
      "publishedDate": "2013-12-07T20:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2013-4505

Vulnerability from cvelistv5

cve-2013-4505

Vulnerability from fkie_nvd

ghsa-cr4v-cvvq-g798

Vulnerability from github

gsd-2013-4505

Vulnerability from gsd

Tags

Sightings

Nomenclature