
[Overview]

Subversion is an open source version control system that runs as a standalone server or as a module of the Apache HTTPD server. A denial of service vulnerability in Subversion was recently fixed officially.

[Vulnerability Details]

CVE-2018-11803: The vulnerability is caused by improper dereference of an uninitialized pointer variable. A remote attacker could exploit this vulnerability by sending a recursive directory listing request. Successful exploitation could cause a denial of service condition on the target Subversion server.

Vulnerability Source: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11803

[Severity]

High

[Affected Versions]

  • Apache Software Foundation Subversion 1.10.0 through 1.10.3
  • Apache Software Foundation Subversion 1.11.0

[Suggestions]

Apply the official fixes to avoid being affected by the vulnerability.


Official advice: http://subversion.apache.org/security/CVE-2018-11803-advisory.txt

[Hillstone Networks Solutions]

Hillstone Networks has added signatures to the IPS signature database version 2.1.276. By deploying any Hillstone Networks solution with the IPS function, the Apache Subversion mod_dav_svn Denial of Service Vulnerability can be quickly detected and effectively intercepted, preventing the server from being attacked.

Threat Events Detected by Hillstone Solutions

Vulnerability Detail Description
