VDB
GCVE-110-MAGEIA-2016-161
GCVE-110-MAGEIA-2016-161
Advisory Published
Updated subversion packages fix security vulnerabilities:
Daniel Shahaf and James McCoy discovered that an implementation error in the
authentication against the Cyrus SASL library would permit a remote user to
specify a realm string which is a prefix of the expected realm string and
potentially allowing a user to authenticate using the wrong realm
(CVE-2016-2167).
Ivan Zhakov of VisualSVN discovered a remotely triggerable denial of service
vulnerability in the mod_authz_svn module during COPY or MOVE authorization
check. An authenticated remote attacker could take advantage of this flaw to
cause a denial of service (Subversion server crash) via COPY or MOVE requests
with specially crafted header (CVE-2016-2168).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | subversion | 0 (affected), 1.8.16-1.mga5 (unaffected) | — |
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.