CVE-2004-0413 | Vulnerability Database | Aqua Security

libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.

Affected Software

Name	Vendor	Start Version	End Version
Openpkg	Openpkg	*	*
Openpkg	Openpkg	2.0 (including)	2.0 (including)
Subversion	Subversion	1.0 (including)	1.0 (including)
Subversion	Subversion	1.0.1 (including)	1.0.1 (including)
Subversion	Subversion	1.0.2 (including)	1.0.2 (including)
Subversion	Subversion	1.0.3 (including)	1.0.3 (including)
Subversion	Subversion	1.0.4 (including)	1.0.4 (including)

References

http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt
http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml
http://www.novell.com/linux/security/advisories/2004_18_subversion.html
http://www.securityfocus.com/advisories/6847
http://www.securityfocus.com/archive/1/365836
http://www.securityfocus.com/bid/10519
https://bugzilla.fedora.us/show_bug.cgi?id=1748
https://exchange.xforce.ibmcloud.com/vulnerabilities/16396

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0413
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html