gitWeb v1.5.2 Remote Command Execution

Exploit for unknown platform in category remote exploits ====================================== gitWeb v1.5.2 Remote Command Execution ====================================== Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2...

Debian Security Advisory DSA 1777-1 (git-core)

The remote host is missing an update to git-core announced via advisory DSA 1777-1. OpenVAS Vulnerability Test $Id: deb17771.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1777-1 git-core Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Fedora 10 : git-1.6.0.6-1.fc10 (2008-11678)

This update fixes a local privilege escalation bug in gitweb. For details: http://article.gmane.org/gmane.comp.version-control.git/103624 There are also a number of bugs fixed upstream. For details, see the upstream release notes: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.6.0.6.t...

GLSA-200903-15 : git: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200903-15 git: Multiple vulnerabilities Multiple vulnerabilities have been reported in gitweb that is part of the git package: Shell metacharacters related to gitsearch are not properly sanitized CVE-2008-5516. Shell metacharacter...

git: Multiple vulnerabilties

Background GIT - the stupid content tracker, the revision control system used by the Linux kernel team. Description Multiple vulnerabilities have been reported in gitweb that is part of the git package: Shell metacharacters related to gitsearch are not properly sanitized CVE-2008-5516. Shell...

USN-723-1: Git vulnerabilities

It was discovered that Git did not properly handle long file paths. If a user were tricked into performing commands on a specially crafted Git repository, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-3546 It was discovered that t...

CVE-2008-5916

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a craft...

CVE-2008-5916

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a craft...

CVE-2008-5916

CVE-2008-5916 affects gitweb/gitweb.perl in Git 1.6.x (before 1.6.0.6), 1.5.x, 1.4.x and newer, allowing a local repository owner to execute arbitrary commands by modifying the diff.external configuration and issuing a crafted gitweb query. The vulnerability stems from how gitweb processes the di...

CVE-2008-5516

The web interface in git gitweb 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to gitsearch...

CVE-2008-5516

CVE-2008-5516 affects Git-related web interface gitweb (1.5.x up to 1.5.5). The issue arises in the gitweb.cgi script’s handling of git_search input, where shell metacharacters are not properly sanitized, enabling an unauthenticated remote attacker to execute arbitrary commands on the server with...

CVE-2008-5516

The web interface in git gitweb 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to gitsearch...

DSA-1708-1 git-core - remote code execution

Bulletin has no description...

CVE-2008-5517

The web interface in git gitweb 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to 1 gitsnapshot and 2 gitobject...

Git gitweb 'diff.external'本地特权提升漏洞

BUGTRAQ ID: 32967 Git是一款是用于Linux内核开发的版本控制工具。 Git gitweb存在一个本地特权提升缺陷，允许恶意知识库属主通过在他的知识库中指定diff.external配置变量并运行特殊构建的gitweb查询，可导致执行任意命令。 GIT GIT 1.6 5 GIT GIT 1.5.6 5 GIT GIT 1.5.6 .4 GIT GIT 1.5.6 .3 GIT GIT 1.5.5 5 GIT GIT 1.5.4 6 GIT GIT 1.1.5 GIT GIT 1.1.4 升级程序： GIT GIT 1.5.4 6 GIT...

Fedora 9 : git-1.5.6.6-1.fc9 (2008-11650)

This update fixes a local privilege escalation bug in gitweb. For details: http://article.gmane.org/gmane.comp.version-control.git/103624 Additionally, gitk has been added as a requirement of git-gui bug 476308 and perlNet::SMTP::SSL has been added as a requirement of git-send-email bug 443615...

git -- gitweb privilege escalation

Git maintainers report: gitweb has a possible local privilege escalation bug that allows a malicious repository owner to run a command of his choice by specifying diff.external configuration variable in his repository and running a crafted gitweb query...

rPSA-2008-0253-1 git gitweb

rPath Security Advisory: 2008-0253-1 Published: 2008-08-12 Products: rPath Linux 2 Rating: Minor Exposure Level Classification: Indirect Non-deterministic Denial of Service Updated Versions: git=conary.rpath.com@rpl:2/1.5.6.4-1-0.1 gitweb=conary.rpath.com@rpl:2/1.5.6.4-1-0.1 rPath Issue Tracking...