Lucene search
K

87 matches found

OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.74 views

Debian: Security Advisory (DLA-1144-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.20 views

Fedora 27 : git-annex (2017-fb1ae91f46)

Update to 6.20170925 - https://hackage.haskell.org/package/git-annex-6.20170925/changelog Security fix for CVE-2017-12976. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...

8.8CVSS7AI score0.0267EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/23 12:0 a.m.23 views

Fedora Update for git-annex FEDORA-2017-fb1ae91f46

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.0267EPSS
Exploits0References2
Fedora
Fedora
added 2017/11/14 3:34 p.m.37 views

[SECURITY] Fedora 27 Update: git-annex-6.20170925-3.fc27

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

8.8CVSS0.6AI score0.0267EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/10/31 12:0 a.m.31 views

Debian DSA-4010-1 : git-annex - security update

It was discovered that git-annex, a tool to manage files with git without checking their contents in, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

8.8CVSS7.2AI score0.0267EPSS
Exploits0References5
Debian
Debian
added 2017/10/30 7:42 a.m.61 views

[SECURITY] [DSA 4010-1] git-annex security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4010-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 30, 2017 https://www.debian.org/security/faq -...

6.8CVSS2.5AI score0.0267EPSS
Exploits0
Debian
Debian
added 2017/10/30 7:42 a.m.52 views

[SECURITY] [DSA 4010-1] git-annex security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4010-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 30, 2017 https://www.debian.org/security/faq -...

8.8CVSS9.2AI score0.0267EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/10/30 12:0 a.m.51 views

Debian DLA-1144-1 : git-annex security update

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117. For Debian 7...

10CVSS7.3AI score0.77823EPSS
Exploits12References3
OSV
OSV
added 2017/10/30 12:0 a.m.31 views

DSA-4010-1 git-annex - security update

Bulletin has no description...

8.8CVSS9.1AI score0.0267EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/10/29 12:0 a.m.35 views

Debian: Security Advisory (DSA-4010-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.0267EPSS
Exploits0References3
Debian
Debian
added 2017/10/27 3:29 p.m.39 views

[SECURITY] [DLA 1144-1] git-annex security update

Package : git-annex Version : 3.20120629+deb7u1 CVE ID : CVE-2017-12976 Debian Bug : 873088 git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related...

10CVSS6.9AI score0.77823EPSS
Exploits12
OSV
OSV
added 2017/10/26 12:0 a.m.27 views

DLA-1144-1 git-annex - security update

Bulletin has no description...

8.8CVSS9.1AI score0.0267EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/08/31 12:0 a.m.32 views

openSUSE Security Update : git-annex (openSUSE-2017-986)

This update for git-annex fixes the following issues : - CVE-2017-12976: Disallow hostname starting with a dash, which would get passed to ssh and be treated an option. This could be used by an attacker who provides a crafted repository url to cause the victim to execute arbitrary code via...

8.8CVSS7.2AI score0.0267EPSS
Exploits0References2
CNVD
CNVD
added 2017/08/21 12:0 a.m.3 views

git-annex Arbitrary Command Execution Vulnerability

git-annex is a distributed file synchronization system. A security vulnerability exists in git-annex versions prior to 6.20170818. A remote attacker can use an ssh URL with an initial dash in the hostname to execute arbitrary commands...

8.8CVSS9.4AI score0.0267EPSS
Exploits0References1
OSV
OSV
added 2017/08/20 8:29 p.m.11 views

CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

8.8CVSS9.1AI score
Exploits0References5
OSV
OSV
added 2017/08/20 8:29 p.m.2 views

UBUNTU-CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

8.8CVSS7.6AI score0.0267EPSS
Exploits0References5
Prion
Prion
added 2017/08/20 8:29 p.m.40 views

Sql injection

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

6.8CVSS8.6AI score0.77823EPSS
Exploits12References5Affected Software1
NVD
NVD
added 2017/08/20 8:29 p.m.27 views

CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

8.8CVSS8.7AI score0.0267EPSS
Exploits0References5
OSV
OSV
added 2017/08/20 8:29 p.m.4 views

DEBIAN-CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

8.8CVSS9AI score0.0267EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/08/20 8:0 p.m.55 views

CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

8.8CVSS9AI score0.0267EPSS
Exploits0
Rows per page
Query Builder