
2620 matches found

Exploit DB
added 2015/10/08 12:00 a.m. | 45 views

Kallithea 0.2.9 - 'came_from' HTTP Response Splitting

Kallithea 0.2.9 came_from HTTP Response Splitting Vulnerability. Vendor: Kallithea. Product web page: https://www.kallithea-scm.org. Version affected: 0.2.9 and 0.2.2. Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that...

CVSS 5 | AI score 6.4 | EPSS 0.05309
Exploits: 6

Zero Science Lab
added 2015/10/07 12:00 a.m. | 84 views

Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability

Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that supports two leading version control systems, Mercurial and Git, and has a web interface that is easy to use for users and admins. Description: Kallithea suffers from...

CVSS 5 | AI score 5.9 | EPSS 0.05309
Exploits: 6

OpenVAS
added 2015/10/06 12:00 a.m. | 24 views

Oracle: Security Advisory (ELSA-2010-1003)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 4.3 | AI score 6.5 | EPSS 0.13918
Exploits: 6 | References: 2

OpenVAS
added 2015/09/29 12:00 a.m. | 14 views

Gentoo Security Advisory GLSA 201401-06

Gentoo Linux Local Security Checks GLSA 201401-06 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later if(description)...

CVSS 7.5 | AI score 5 | EPSS 0.02141
Exploits: 0 | References: 1

OpenVAS
added 2015/09/29 12:00 a.m. | 35 views

Gentoo Security Advisory GLSA 201509-06

Gentoo Linux Local Security Checks GLSA 201509-06 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later if(description)...

CVSS 9.8 | AI score 8.3 | EPSS 0.77155
Exploits: 5 | References: 1

exploitpack
added 2015/09/28 12:00 a.m. | 30 views

Git 1.9.5 - ssh-agent.exe Buffer Overflow (PoC)

Git 1.9.5 - ssh-agent.exe Buffer Overflow PoC. Credits: hyp3rlinx. Website: hyp3rlinx.altervista.org. Source: http://hyp3rlinx.altervista.org/advisories/AS-GIT-SSH-AGENT-BUFF-OVERFLOW.txt Vendor: git-scm.com. Product: ...

AI score 0.2
Exploits: 0

0day.today
added 2015/09/28 12:00 a.m. | 26 views

Git-1.9.5 ssh-agent.exe Buffer Overflow Exploit

Exploit for windows platform in category dos / poc. Vendor: git-scm.com. Product: Git-1.9.5-preview20150319.exe github.com/msysgit/msysgit/releases/tag/Git-1.9.5-preview20150319 Vulnerability Type: Buffer Overflow...

AI score 7
Exploits: 0

Exploit DB
added 2015/09/28 12:00 a.m. | 27 views

Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow (PoC)

Credits: hyp3rlinx. Website: hyp3rlinx.altervista.org. Source: http://hyp3rlinx.altervista.org/advisories/AS-GIT-SSH-AGENT-BUFF-OVERFLOW.txt Vendor: git-scm.com. Product: Git-1.9.5-preview20150319.exe...

AI score 7
Exploits: 0

Packet Storm
added 2015/09/26 12:00 a.m. | 19 views

Git 1.9.5 Buffer Overflow

Credits: hyp3rlinx. Website: hyp3rlinx.altervista.org. Source: http://hyp3rlinx.altervista.org/advisories/AS-GIT-SSH-AGENT-BUFF-OVERFLOW.txt Vendor: git-scm.com. Product: Git-1.9.5-preview20150319.exe...

AI score 0.3
Exploits: 0

Tenable Nessus
added 2015/09/25 12:00 a.m. | 33 views

GLSA-201509-06 : Git: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-201509-06 (Git: Arbitrary command execution). A vulnerability in Git causing Git-compatible clients that access case-insensitive or case-normalizing filesystems to overwrite the .git/config when cloning or checking out a repository,...

CVSS 9.8 | AI score 8.8 | EPSS 0.77155
Exploits: 5 | References: 2

Gentoo Linux
added 2015/09/24 12:00 a.m. | 35 views

Git: Arbitrary command execution

Background: Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description: A vulnerability in Git causing Git-compatible clients that access case-insensitive or case-normalizing filesystems to...

CVSS 9.8 | AI score 9.6 | EPSS 0.77155
Exploits: 5

FreeBSD
added 2015/09/23 12:00 a.m. | 43 views

Git -- Execute arbitrary code

Git release notes: Some protocols like git-remote-ext can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources e.g., .gitmodules files in a remote repository, and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to...

CVSS 9.8 | AI score 9.3 | EPSS 0.31254
Exploits: 0 | References: 2

Mageia
added 2015/08/26 8:36 p.m. | 44 views

Updated cgit package fixes security vulnerability

cgit in Mageia 4/5 bundles an old git that is being subject to a minor security issue CVE-2014-9390. The cgit package was updated to its latest upstream release, and updates the bundled git to the non-vulnerable version 2.5.0, which contains various bug fixes...

CVSS 9.8 | AI score 9.1 | EPSS 0.77155
Exploits: 5 | References: 2

n0where
added 2015/07/17 2:23 a.m. | 13 views

XSS Payload Management Framework: Sleepy Puppy

Sleepy Puppy is a cross-site scripting (XSS) payload management framework which simplifies the ability to capture, manage, and track XSS propagation over long periods of time. Why Should I use Sleepy Puppy? Often when testing for client side injections (HTML/JS/etc.) security engineers are looking fo...

AI score 6.1
Exploits: 0 | References: 2

n0where
added 2015/07/07 4:08 a.m. | 13 views

Windows shell: Babun

Would you like to use a linux-like console on a Windows host without a lot of fuzz? Try out babun! Installation Just download the dist file from http://babun.github.io , unzip it and run the install.bat script. After a few minutes babun starts automatically. The application will be installed to t...

AI score 7.2
Exploits: 0 | References: 2

Tenable Nessus
added 2015/06/23 12:00 a.m. | 32 views

openSUSE Security Update : cgit (openSUSE-2015-436)

The git web frontend cgit was updated to 0.11.2 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2014-9390: arbitrary command execution vulnerability on case-insensitive file systems in git. Malicious commits could affect client users on all platforms using...

CVSS 9.8 | AI score 8.6 | EPSS 0.77155
Exploits: 5 | References: 2

Kitploit
added 2015/06/09 12:30 p.m. | 50 views

MITMf - Framework for Man-In-The-Middle attacks

Framework for Man-In-The-Middle attacks. Available plugins: SMBtrap - Exploits the 'SMB Trap' vulnerability on connected clients; Screenshotter - Uses HTML5 Canvas to render an accurate screenshot of a clients browser; Responder - LLMNR, NBT-NS, WPAD and MDNS poisoner; SSLstrip+ - Partially bypass...

AI score 7.5
Exploits: 0 | References: 2

OpenVAS
added 2015/05/30 12:00 a.m. | 21 views

Debian Security Advisory DSA 3275-1 (fusionforge - security update)

Ansgar Burchardt discovered that the Git plugin for FusionForge, a web-based project-management and collaboration software, does not sufficiently validate user provided input as parameter to the method to create secondary Git repositories. A remote attacker can use this flaw to execute arbitrary...

CVSS 10 | AI score 1.3 | EPSS 0.0668
Exploits: 0 | References: 1

OSV
added 2015/05/27 12:00 a.m. | 14 views

DLA-231-1 dulwich - security update

Bulletin has no description...

CVSS 7.5 | AI score 6.3 | EPSS 0.02814
Exploits: 0

seebug.org
added 2015/05/13 12:00 a.m. | 16 views

GitHub .git/hooks Command Execution Vulnerability

No description provided by source...

AI score 7.1
Exploits: 0