CVE-2013-1968

Published: Jul 31, 2013Modified: Apr 29, 2026

5.5

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:P

Exploitability: 8.0 / Impact: 4.9

Source: NVD

Description

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.

Affected (37)

Products: Apache: Subversion · Collabnet: Subversion · Canonical: Ubuntu Linux · +1 more

Show all products

Apache: Subversion · Collabnet: Subversion · Canonical: Ubuntu Linux · Opensuse: Opensuse

1 product

1 product

1 product

1 product

Configuration A

23 vulnerable

Vulnerable Software	Affected Versions
Apache Subversion	Up to 1.6.21
Apache Subversion	Version 1.6.0
Apache Subversion	Version 1.6.10
Apache Subversion	Version 1.6.11
Apache Subversion	Version 1.6.12
Apache Subversion	Version 1.6.13
Apache Subversion	Version 1.6.14
Apache Subversion	Version 1.6.15
Apache Subversion	Version 1.6.16
Apache Subversion	Version 1.6.17
Apache Subversion	Version 1.6.18
Apache Subversion	Version 1.6.19
Apache Subversion	Version 1.6.1
Apache Subversion	Version 1.6.20
Apache Subversion	Version 1.6.2
Apache Subversion	Version 1.6.3
Apache Subversion	Version 1.6.4
Apache Subversion	Version 1.6.5
Apache Subversion	Version 1.6.6
Apache Subversion	Version 1.6.7
Apache Subversion	Version 1.6.8
Apache Subversion	Version 1.6.9
Collabnet Subversion	Version 1.6.17

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Apache Subversion	Version 1.7.0
Apache Subversion	Version 1.7.1
Apache Subversion	Version 1.7.2
Apache Subversion	Version 1.7.3
Apache Subversion	Version 1.7.4
Apache Subversion	Version 1.7.5
Apache Subversion	Version 1.7.6
Apache Subversion	Version 1.7.7
Apache Subversion	Version 1.7.8
Apache Subversion	Version 1.7.9

Configuration C

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 12.10
Canonical Ubuntu Linux	Version 13.04
Opensuse Opensuse	Version 11.4

References (16)

http://lists.opensuse.org/opensuse-updates/2013-07/msg00015.html

Source: secalert@redhat.com

http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E

Source: secalert@redhat.com

http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0255.html

Source: secalert@redhat.com

http://www.debian.org/security/2013/dsa-2703

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1893-1

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18986

Source: secalert@redhat.com

https://subversion.apache.org/security/CVE-2013-1968-advisory.txt

Source: secalert@redhat.com

Vendor Advisory

http://lists.opensuse.org/opensuse-updates/2013-07/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E

Source: af854a3a-2127-422b-91ae-364da2661108

http://mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0255.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2013/dsa-2703

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1893-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18986

Source: af854a3a-2127-422b-91ae-364da2661108

https://subversion.apache.org/security/CVE-2013-1968-advisory.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.