CVE-2011-1752
subversion - several
EPSS 22.7%
Description
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
How to fix CVE-2011-1752
To remediate CVE-2011-1752, upgrade the affected package to a fixed version below.
- Debian/subversion—upgrade to 1.6.17dfsg-1 or later
- Debian/subversion—upgrade to 1.6.12dfsg-6 or later
Is CVE-2011-1752 being exploited?
Moderate — EPSS is 22.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.6.17dfsg-1
- from 0, < 1.6.12dfsg-6