Code Injection in mateodelnorte/meta-git

Description The meta-git module is vulnerable against command injection since the user-supplied inputs are concatenated with a command which is executed without validation. POC 1. Create a new directory and insert some test files: bash mkdir tests cd tests touch test touch secret touch files 2...

Ispy - Eternalblue (MS17-010) / Bluekeep (CVE-2019-0708) Scanner And Exploit

ispy : Eternalbluems17-010/BluekeepCVE-2019-0708 Scanner and exploiter Metasploit automation How to install : git clone https://github.com/Cyb0r9/ispy.git cd ispy chmod +x setup.sh ./setup.sh Screenshots : Tested On : Parrot OS Kali linux Tutorial How to use ispy...

SUSE SLES12 Security Update : git (SUSE-SU-2018:4088-3)

This update for git fixes the following issue : CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949. Note that Tenable Network Security has extracted the...

DEBIAN-CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

Command injection

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

CVE-2019-13139

In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...

NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2019-0027)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a vulnerability: - In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafte...

SET v8.0.1 - The Social-Engineer Toolkit

Copyright 2019 The Social-Engineer Toolkit SET Written by: David Kennedy ReL1K Company: TrustedSec DISCLAIMER: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period. Please read the LICENSE under readme/LICENSE for...

Facebash - Facebook Brute Forcer In Shellscript Using TOR

Facebook Brute Forcer in shellscript using TOR IG: @thelinuxchoice Legal disclaimer: Usage of Facebash for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not...

Hashboy-Tool - A Hash Query Tool

Hashboy was redeveloped onhash-buster Author:Leiothrix How to install $git clone https://github.com/sf197/hashboy-tool $cd hashboy-tool $python3 hashboy.py How to use $ python3 hashboy.py / / / / / / / / / / / / / / / / / / / / // / / / // / // / // / // //,/// //.//, / // Author:Leiothrix...

Atlassian SourceTree 0.5a < 3.0.17 Multiple remote code execution vulnerabilities

The version of Atlassian SourceTree installed on the remote Windows host is version 0.5a prior to 3.0.17. It is, therefore, affected by multiple remote code execution vulnerabilities. - An option injection vulnerability exists in the git submodule component. An unauthenticated, remote attacker ca...

Remote Code Execution (RCE)

github.com/src-d/go-git is vulnerable to remote code execution RCE attacks. A malicious user can pass a .gitmodules file to the application to cause arbitrary code to be executed on a target machine that runs the git clone --recurse-submodules command. This is related to CVE-2018-11235...

Remote Code Execution (RCE)

rh-git29-git is vulnerable to remote code execution RCE attacks. The vulnerability exists as a malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a U...

SUSE SLES12 Security Update : git (SUSE-SU-2018:4088-1)

This update for git fixes the following issue : CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949. Note that Tenable Network Security has extracted the...

Important: git

Issue Overview: Git before 2.14.5, allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.CVE-2018-17456 Affected Packages: git Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Amazon Linux AMI : git (ALAS-2018-1093)

Git before 2.14.5, allows remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character.CVE-2018-17456 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Important: git

Issue Overview: Git before 2.14.5, allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.CVE-2018-17456 Affected Packages: git Issue Correction: Run yum update git or yum update --advisory...

openSUSE Security Update : git (openSUSE-2018-1147)

This update for git fixes the following issues : - CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Git Submodule Arbitrary Code Execution

These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git parses the supplied .gitmodules file for a URL field an...