2620 matches found
openSUSE Security Update : git (openSUSE-SU-2011:0115-1)
This update fixes two vulnerabilities: an XSS vulnerability in gitweb, where a remote attacker could craft a URL such that arbitrary content would be inserted into the generated web page; and a stack overflow vulnerability that can lead to arbitrary code execution if the user runs any git command on a specially...
openSUSE Security Update : git (openSUSE-SU-2013:0380-1)
git imap-send was fixed to do SSL host verification. This can be disabled if necessary in the config file. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-170. The text descripti...
Hide passwords in ps aux for https git tasks
When git checkout tasks configured to use HTTPS run, the user and password are exposed in ps aux: bamboo 15138 0.0 0.0 86752 2224 ? S May20 0:00 git-remote-https https://gituser:[email protected]/scm/consumer/XXXX.git...
WPScan - WordPress Security Scanner
WPScan is a black box WordPress vulnerability scanner. Features: username enumeration from author querystring and location header; weak password cracking (multithreaded); version enumeration from generator meta tag and from client-side files; vulnerability enumeration based on version; plugin enumeratio...
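FreeType 'src/cff/cf2ft.c' Remote Denial of Service Vulnerability
BUGTRAQ ID: 66292 CVE ID: CVE-2014-2241 FreeType is a popular font library. The cf2initLocalRegionBuffer and cf2initGlobalRegionBuffer functions in FreeType 'src/cff/cf2ft.c' contain an assertion failure that allows an attacker to craft a malicious font and, by tricking an application into parsing it, crash the application. 0 FreeType 2.5.3 Vendor patch: FreeType ----- Users can refer to the vendor's Git repository to obtain the patch that fixes this vulnerability:...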
[SECURITY] Fedora 19 Update: ikiwiki-3.20140125-1.fc19
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins...
GLSA-201401-06 : Git: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201401-06 Git: Privilege escalation Git contains a stack-based buffer overflow in the isgitdirectory function in setup.c. Impact : A local attacker could gain escalated privileges via a specially crafted git repository. Workaround...
Git: Privilege escalation
Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description Git contains a stack-based buffer overflow in the isgitdirectory function in setup.c. Impact A local attacker could ga...
Archlinux Ultimate Install Script
Installing and configuring Arch Linux has never been easier! You can try it first in VirtualBox. Prerequisites: a working internet connection; logged in as ‘root’. How to get it, with git: increase the cowspace partition: mount -o remount,size=2G /run/archiso/cowspace; get the list of packages and install git:...
Bamboo exposes username and password if Git checkout fails.
If the repository checkout fails, the username and password are exposed in plain text on the web interface and in the logs. To reproduce: Environment: on-demand instance version 5.2-OD-4, Build 4004 Create a plan that checks out a git repository using https with authentication. Run plan Do...
git / Apple Xcode certificate spoofing
Git certificate spoofing...
[Capture the flag] Remaster Linux Live CD images for wargames
Remaster Linux Live CD images for the purpose of creating ready-to-use security wargames with pre-installed vulnerabilities to exploit. Requirements: you will need the following in order to build the Live CD using the scripts in this project: Linux, with root access using sudo; git; make, gcc -- for...
Oracle Linux 6 : git (ELSA-2013-0589)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0589 advisory. - fix CVE-2013-0308 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
Oracle Linux 6 : git (ELSA-2010-1003)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-1003 advisory. 1.7.1-2.1 - fix CVE-2010-3906 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
[SECURITY] Fedora 17 Update: cgit-0.9.2-1.fc17
Cgit is a fast web interface for git. It uses caching to increase performance...
[SECURITY] Fedora 18 Update: cgit-0.9.2-1.fc18
Cgit is a fast web interface for git. It uses caching to increase performance...
[SECURITY] Fedora 19 Update: cgit-0.9.2-1.fc19
Cgit is a fast web interface for git. It uses caching to increase performance...
Fedora 18 : libXres-1.0.6-5.20130524gitf46818496.fc18 (2013-9141)
Update to latest git for CVE-2013-1988 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 19 : libXcursor-1.1.13-5.20130524git8f677eaea.fc19 (2013-9096)
Update to latest git to fix the following CVEs: CVE-2013-2003 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...