Unrated severityNVD Advisory· Published Mar 11, 2011· Updated Apr 29, 2026
CVE-2011-0715
CVE-2011-0715
Description
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
Affected products
112cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*+ 111 more
- cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*range: <=1.6.15
- cpe:2.3:a:apache:subversion:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.13.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.14.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.14.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.14.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.14.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.16.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.18.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.18.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.19.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.20.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.21.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.22.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.22.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.23.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.24.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.24.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.25.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.26.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.27.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.28.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.28.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.29.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.30.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.32.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.33.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.35.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.36.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.37.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:m1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:m2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:m3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:m4\/m5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
34- svn.apache.org/viewvcnvdPatch
- svn.haxx.se/dev/archive-2011-03/0122.shtmlnvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- secunia.com/advisories/43603nvdVendor Advisory
- subversion.apache.org/security/CVE-2011-0715-advisory.txtnvdVendor Advisory
- www.vupen.com/english/advisories/2011/0567nvdVendor Advisory
- lists.apple.com/archives/security-announce/2011//Jun/msg00000.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlnvd
- secunia.com/advisories/43583nvd
- secunia.com/advisories/43672nvd
- secunia.com/advisories/43794nvd
- securitytracker.com/idnvd
- slackware.com/security/viewer.phpnvd
- support.apple.com/kb/HT4723nvd
- svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGESnvd
- svn.apache.org/viewvcnvd
- www.debian.org/security/2011/dsa-2181nvd
- www.mandriva.com/security/advisoriesnvd
- www.osvdb.org/70964nvd
- www.securityfocus.com/bid/46734nvd
- www.ubuntu.com/usn/USN-1096-1nvd
- www.vupen.com/english/advisories/2011/0568nvd
- www.vupen.com/english/advisories/2011/0624nvd
- www.vupen.com/english/advisories/2011/0660nvd
- www.vupen.com/english/advisories/2011/0684nvd
- www.vupen.com/english/advisories/2011/0776nvd
- www.vupen.com/english/advisories/2011/0885nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/65876nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967nvd
- rhn.redhat.com/errata/RHSA-2011-0327.htmlnvd
- rhn.redhat.com/errata/RHSA-2011-0328.htmlnvd
News mentions
0No linked articles in our index yet.