Debian DLA-1495-1 : git-annex security update

The git-annex package was found to have multiple vulnerabilities when operating on untrusted data that could lead to arbitrary command execution and encrypted data exfiltration. CVE-2017-12976 git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an...

Design/Logic Flaw

httptransport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176,...

Design/Logic Flaw

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

[SECURITY] [DSA 4010-1] git-annex security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4010-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 30, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4010-1] git-annex security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4010-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 30, 2017 https://www.debian.org/security/faq -...

Arbitrary Command Execution

Dulwich is vulnerable to arbitrary command execution. When using the SSH subprocess, an attacker can use an ssh URL with the - dash character in the hostname.This is related to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

openSUSE Security Update : git-annex (openSUSE-2017-986)

This update for git-annex fixes the following issues : - CVE-2017-12976: Disallow hostname starting with a dash, which would get passed to ssh and be treated an option. This could be used by an attacker who provides a crafted repository url to cause the victim to execute arbitrary code via...

CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

CVE-2017-12976

The CVE-2017-12976 issue affects git-annex prior to version 6.20170818, where an ssh URL with a hostname starting with a dash (for example ssh://-eProxyCommand=) can lead to remote command execution. Root cause: simplistic parsing of ssh URLs allows injection through the hostname. Impact is remot...