Subversion < 1.0.3 apr_time_t data Conversion Remote Overflow

High Nessus Plugin ID 12261


The remote service is vulnerable to a buffer overflow.


The remote host is vulnerable to a remote stack-based overflow. An attacker, exploiting this hole, would be given full access to the target machine. Versions of Subversion less than 1.0.3 are vulnerable to this attack.
This vulnerability was discovered by Stefan Esser and posted to public mailing lists.


Upgrade to version 1.0.3 or higher

See Also

Plugin Details

Severity: High

ID: 12261

File Name: subversion_1_0_4.nasl

Version: $Revision: 1.17 $

Type: remote

Family: Misc.

Published: 2004/06/08

Modified: 2016/12/14

Dependencies: 12259

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/05/19

Exploitable With


Metasploit (Subversion Date Svnserve)

Reference Information

CVE: CVE-2004-0397

BID: 10386

OSVDB: 6301