Candidate: CVE-2009-5024
PublicDate: 2011-05-23 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024
Description:
 ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit
 configuration setting, and consequently conduct resource-consumption
 attacks, via the limit parameter, as demonstrated by a "query revision
 history" request.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_viewvc:
upstream_viewvc: released (1.1.11)
dapper_viewvc: DNE
hardy_viewvc: ignored (reached end-of-life)
lucid_viewvc: ignored (reached end-of-life)
maverick_viewvc: ignored (reached end-of-life)
natty_viewvc: ignored (reached end-of-life)
oneiric_viewvc: ignored (reached end-of-life)
precise_viewvc: released (1.1.5-1.1+squeeze2build0.12.04.1)
quantal_viewvc: ignored (reached end-of-life)
raring_viewvc: ignored (reached end-of-life)
saucy_viewvc: ignored (reached end-of-life)
trusty_viewvc: not-affected
trusty/esm_viewvc: DNE (trusty was not-affected)
utopic_viewvc: ignored (reached end-of-life)
vivid_viewvc: ignored (reached end-of-life)
vivid/stable-phone-overlay_viewvc: DNE
vivid/ubuntu-core_viewvc: DNE
wily_viewvc: ignored (reached end-of-life)
xenial_viewvc: not-affected
yakkety_viewvc: not-affected
devel_viewvc: not-affected