DSA-1708-1 git-core - remote code execution

Bulletin has no description...

CVE-2008-5517

The web interface in git gitweb 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to 1 gitsnapshot and 2 gitobject...

CVE-2008-5517

CVE-2008-5517 affects the Git web interface (gitweb) 1.5.x up to 1.5.5, where gitweb.cgi fails to sanitize input and can pass shell metacharacters to a shell via git_snapshot/git_object, enabling remote command execution. Connected advisories (Ubuntu USN-723-1, Slackware SSA-2009-051-02, OpenVAS ...

CVE-2008-5517

The web interface in git gitweb 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to 1 gitsnapshot and 2 gitobject...

openSUSE 10 Security Update : git (git-5892)

Insufficient quoting of shell characters allowed remote attackers to execute arbitrary commands via the git web interface CVE-2008-5517 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update git-5892...

Git gitweb 'diff.external'本地特权提升漏洞

BUGTRAQ ID: 32967 Git是一款是用于Linux内核开发的版本控制工具。 Git gitweb存在一个本地特权提升缺陷，允许恶意知识库属主通过在他的知识库中指定diff.external配置变量并运行特殊构建的gitweb查询，可导致执行任意命令。 GIT GIT 1.6 5 GIT GIT 1.5.6 5 GIT GIT 1.5.6 .4 GIT GIT 1.5.6 .3 GIT GIT 1.5.5 5 GIT GIT 1.5.4 6 GIT GIT 1.1.5 GIT GIT 1.1.4 升级程序： GIT GIT 1.5.4 6 GIT...

Fedora 9 : git-1.5.6.6-1.fc9 (2008-11650)

This update fixes a local privilege escalation bug in gitweb. For details: http://article.gmane.org/gmane.comp.version-control.git/103624 Additionally, gitk has been added as a requirement of git-gui bug 476308 and perlNet::SMTP::SSL has been added as a requirement of git-send-email bug 443615...

Fedora 8 : git-1.5.4.3-3.fc8 (2008-11653)

This update fixes a local privilege escalation bug in gitweb. For details: http://article.gmane.org/gmane.comp.version-control.git/103624 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

[SECURITY] Fedora 10 Update: git-1.6.0.6-1.fc10

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with...

[SECURITY] Fedora 8 Update: git-1.5.4.3-3.fc8

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. This is a dummy package which brings in all subpackages...

[SECURITY] Fedora 9 Update: git-1.5.6.6-1.fc9

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with...

git -- gitweb privilege escalation

Git maintainers report: gitweb has a possible local privilege escalation bug that allows a malicious repository owner to run a command of his choice by specifying diff.external configuration variable in his repository and running a crafted gitweb query...

Fedora 9 : git-1.5.6.5-1.fc9 (2008-9080)

---------------------------------------------------------------------- ---------- ChangeLog : - Wed Oct 22 2008 Josh Boyer 1.5.6.5-1 - git-1.5.6.5 bug 458156 - Mon May 26 2008 James Bowes 1.5.5.2-1 - git-1.5.5.2 - Fri May 23 2008 Dennis Gilmore 1.5.5.1-1.1 - minor rebuild for sparc Note that...

[SECURITY] Fedora 9 Update: git-1.5.6.5-1.fc9

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with...

Gentoo Security Advisory GLSA 200809-16 (git)

The remote host is missing updates announced in advisory GLSA 200809-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200809-16 (git)

The remote host is missing updates announced in advisory GLSA 200809-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200809-16 : Git: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200809-16 Git: User-assisted execution of arbitrary code Multiple boundary errors in the functions diffaddremove and diffchange when processing overly long repository path names were reported. Impact : A remote attacker could enti...

Git: User-assisted execution of arbitrary code

Background Git is a distributed version control system. Description Multiple boundary errors in the functions diffaddremove and diffchange when processing overly long repository path names were reported. Impact A remote attacker could entice a user to run commands like "git-diff" or "git-grep" on...

Debian Security Advisory DSA 1637-1 (git-core)

The remote host is missing an update to git-core announced via advisory DSA 1637-1. OpenVAS Vulnerability Test $Id: deb16371.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1637-1 git-core Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1637-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...