Select Page

Mar 1, 2019

Vulnerability Notification: Apache Subversion mod_dav_svn Denial of Service



Subversion is an open source version control and software version control system that runs as a standalone server or as a module of the Apache HTTPD server. Recently, the denial of service vulnerability was fixed officially.

[Vulnerability Details]

CVE-2018-11803: The vulnerability is caused by improper dereference of an uninitialized pointer variable. A remote attacker could exploit this vulnerability by sending a recursive directory listing request. Successful exploitation could cause denial of service conditions of the target Subversion server.

Vulnerability Source:



[Affected Versions]

  • Apache Software Foundation Subversion 1.10.0 through 1.10.3
  • Apache Software Foundation Subversion 1.11.0


Update the official fixes to avoid being affected by the vulnerability

Official advice:

[Hillstone Networks Solutions]

Hillstone Networks has added signatures to the IPS signature database version 2.1.276. By deploying any Hillstone Networks solution with the IPS function, Apache Subversion mod_dav_svn Denial of Service Vulnerability can be quickly detected and effectively intercepted, preventing the server from being attacked.

Threat Events Detected by Hillstone Solutions

Vulnerability Detail Description