⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.
CVE-2011-1752 — NULL Pointer Dereference in Apache Subversion
Severity
5.0MEDIUMNVD
EPSS
22.7%
top 4.13%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedJun 6
Latest updateMay 13
Description
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
Affected Packages3 packages
Also affects: Debian Linux 5.0, 6.0, Fedora 14, 15, Ubuntu Linux 10.04, 10.10, 11.04
🔴Vulnerability Details
4GHSA▶
GHSA-jg5g-xghx-3fqc: The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1↗2022-05-13
CVEList▶
CVE-2011-1752: The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1↗2011-06-06
OSV▶
CVE-2011-1752: The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1↗2011-06-06
📋Vendor Advisories
4Debian▶
CVE-2011-1752: subversion - The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subv...↗2011