57 matches found
Exploit for Path Traversal in Debian Debian_Linux
CVE-2018-11235 1. ssh to your vps. 2. Clone this repo: ba...
BELL-CVE-2018-11235 CVE-2018-11235 does not affect BellSoft software
Bulletin has no description...
Mageia: Security Advisory (MGASA-2018-0267)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2469-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1872-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
centarnekretnine.me Cross Site Scripting vulnerability OBB-2008512
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| centarnekretnine.me ---|--- Open Bug...
SUSE: Security Advisory (SUSE-SU-2018:1566-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Git Submodules Directory Traversal (CVE-2018-11235)
A directory traversal vulnerability exists in the Git client. The vulnerability is due to insufficient validation of submodule names in the .gitmodules file during checkout. Successful exploitation of this vulnerability could enable the attacker to execute arbitrary scripts on the target system...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2019-1420)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2018-1216)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2018-1215)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.1.0 : git (EulerOS-SA-2019-1385)
According to the versions of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote...
Remote Code Execution (RCE)
github.com/src-d/go-git is vulnerable to remote code execution RCE attacks. A malicious user can pass a .gitmodules file to the application to cause arbitrary code to be executed on a target machine that runs the git clone --recurse-submodules command. This is related to CVE-2018-11235...
Fedora 28 : git (2018-75f7624a9f)
Upstream security fixes related to .gitmodules handling. From the upstream announcement : - Submodule 'names' come from the untrusted .gitmodules file, but we blindly append them to $GITDIR/modules to create our on-disk repo paths. This means you can do bad things by putting '../' into the name. ...
Fedora 28 : libgit2 (2018-b10e54263a)
Update to 0.26.4 CVE-2018-11235 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2018:1872-1)
This update for git to version 2.16.4 fixes several issues. These security issues were fixed : - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219...
openSUSE Security Update : libgit2 (openSUSE-2018-1314)
This update for libgit2 fixes the following issues : - CVE-2018-8099: Fixed possible denial of service attack via different vectors by not being able to differentiate between these status codes bsc1085256. - CVE-2018-11235: With a crafted .gitmodules file, a malicious project can execute an...
openSUSE: Security Advisory for libgit2 (openSUSE-SU-2018:3519-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES12 Security Update : git (SUSE-SU-2018:1566-2)
This update for git fixes several issues. These security issues were fixed : CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219 Note that Tenable Netwo...
Fedora Update for libgit2 FEDORA-2018-42eab0f5b9
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...