The host is running Apache Subversion and is prone denial of service vulnerability.

Successful exploitation will let the remote attackers to cause a segfault by sending crafted log 'REPORT' request. Impact Level: Application NOTE : Configurations which allow anonymous read access to the repository will be vulnerable to this without authentication.

Upgrade to Apache Subversion version 1.7.9 or later, For updates refer to http://subversion.apache.org

An error within the 'mod_dav_svn' module when handling crafted log 'REPORT' request with a limit outside the allowed range.

Apache Subversion 1.7.0 through 1.7.8

• http://secunia.com/advisories/52966/
• http://subversion.apache.org/security/CVE-2013-1884-advisory.txt
• http://xforce.iss.net/xforce/xfdb/83259

---

Updated on 2015-03-25