Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201401-06
HistoryJan 10, 2014 - 12:00 a.m.

Git: Privilege escalation

2014-01-1000:00:00
Gentoo Foundation
security.gentoo.org
7

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.4%

JSON

Background

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

Description

Git contains a stack-based buffer overflow in the is_git_directory function in setup.c.

Impact

A local attacker could gain escalated privileges via a specially crafted git repository.

Workaround

There is no known workaround at this time.

Resolution

All Git users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-vcs/git-1.7.2.2"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 11, 2010. It is likely that your system is already no longer affected by this issue.

OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-vcs/git< 1.7.2.2UNKNOWN

Related

debian 4
openvas 14
osv 1
fedora 4
nessus 9
nvd 1
ubuntucve 1
cbl_mariner 1
cvelist 1
prion 1
freebsd 1
cve 1
debian
debian
[Backports-security-announce] Security Update for git
2010-07-30 21:19:20
[SECURITY] [DSA-2114-1] New git-core packages fix regression
2010-09-26 18:57:06
[Backports-security-announce] Security Update for git
2010-07-30 21:29:46
openvas
openvas
Fedora Update for cgit FEDORA-2010-15534
2010-10-19 00:00:00
FreeBSD Ports: git
2010-08-21 00:00:00
Fedora Update for cgit FEDORA-2010-15501
2010-10-19 00:00:00
osv
osv
git-core
2010-09-26 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: cgit-0.8.2.1-4.fc13
2010-10-08 20:45:48
[SECURITY] Fedora 12 Update: cgit-0.8.2.1-4.fc12
2010-10-08 20:31:44
[SECURITY] Fedora 14 Update: cgit-0.8.2.1-4.fc14
2010-10-06 01:30:06
nessus
nessus
Debian DSA-2114-1 : git-core - buffer overflow
2010-09-27 00:00:00
FreeBSD : git -- buffer overflow vulnerability (827bc2b7-95ed-11df-9160-00e0815b8da8)
2010-07-23 00:00:00
Fedora 14 : cgit-0.8.2.1-4.fc14 (2010-15387)
2010-10-06 00:00:00
nvd
nvd
CVE-2010-2542
2010-08-11 18:47:50
ubuntucve
ubuntucve
CVE-2010-2542
2010-08-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2010-2542 affecting package git 2.23.3-1
2021-05-06 23:56:46
cvelist
cvelist
CVE-2010-2542
2010-08-11 18:00:00
prion
prion
Stack overflow
2010-08-11 18:47:00
freebsd
freebsd
git -- buffer overflow vulnerability
2010-07-20 00:00:00
cve
cve
CVE-2010-2542
2010-08-11 18:47:50

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.4%

JSON
Related for GLSA-201401-06
debian4openvas14osv1fedora4nessus9nvd1ubuntucve1cbl_mariner1cvelist1prion1freebsd1cve1