Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44885

DOS attacks to Subcersion System when credentials have changed

    Details

    • Similar Issues:

      Description

      We are using Jenkins with the subversion plugin. After having entered the right svn access credentials, the SVN checkout takes place and the projects are build. If the credentials are changed on Subversion side after at least one successfull checkout from Jenkins, then the subversion-plugin fires about 40 times per second against the SVN server without stopping.

      Currently we have about 500 Jenkins Installations and are planing several Jenkins enterprise versions. This behaviour is worriing us alot. I have reported this behaviour already back in 2012 but nothing happened up to now.

      Please have a look at it since user credentials are often changed and we already had some serious issues with this problem.

        Attachments

          Activity

          Hide
          jglick Jesse Glick added a comment -

          Unclear what this is about or how to reproduce it.

          If you even suspect a security vulnerability please do not use this tracker. https://jenkins.io/security/ instead.

          Show
          jglick Jesse Glick added a comment - Unclear what this is about or how to reproduce it. If you even suspect a security vulnerability please do not use this tracker. https://jenkins.io/security/  instead.

            People

            • Assignee:
              Unassigned
              Reporter:
              cdovas Christos Dovas
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: