Lucene search
K

35 matches found

Cvelist
Cvelist
added 2024/05/14 7:15 p.m.61 views

CVE-2024-32021 Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target reposito...

3.9CVSS7.3AI score0.00956EPSS
Exploits1References4
OSV
OSV
added 2024/05/14 7:15 p.m.3 views

ALPINE-CVE-2024-32020

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...

3.3CVSS6.5AI score0.00519EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2024/05/14 7:15 p.m.30 views

CVE-2024-32020

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...

3.9CVSS6.7AI score0.00519EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/05/14 6:54 p.m.47 views

CVE-2024-32020 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...

3.9CVSS6.5AI score0.00519EPSS
Exploits1References5
CVE
CVE
added 2024/05/14 6:54 p.m.343 views

CVE-2024-32020

CVE-2024-32020 concerns Git’s local clone optimization on the same disk, where source and target repositories owned by different users may result in hardlinked files in the target’s object database that can be rewritten by an untrusted user. Affected Git versions prior to 2.45.1, 2.44.1, 2.43.4, ...

3.9CVSS5.9AI score0.00519EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2024/05/14 6:54 p.m.28 views

CVE-2024-32020

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...

3.9CVSS6.9AI score0.00519EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2024/05/14 6:54 p.m.29 views

CVE-2024-32020

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...

3.9CVSS6.4AI score0.00519EPSS
Exploits1
Packet Storm
Packet Storm
added 2017/01/27 12:0 a.m.94 views

Man-db 2.6.7.1 Privilege Escalation

/ EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

0.8AI score0.01047EPSS
Exploits3
0day.today
0day.today
added 2017/01/26 12:0 a.m.52 views

Man-db 2.6.7.1 - Privilege Escalation Exploit

Exploit for linux platform in category local exploits / EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

7.2CVSS0.4AI score0.01047EPSS
Exploits3
Exploit DB
Exploit DB
added 2015/12/02 12:0 a.m.44 views

Man-db 2.6.7.1 - Local Privilege Escalation

/ EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.21 views

Ubuntu Update for postfix vulnerability USN-636-1

Ubuntu Update for Linux kernel vulnerabilities USN-636-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6361.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postfix vulnerability USN-636-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

6.2CVSS6.4AI score0.01001EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS6.6AI score0.01001EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2008/08/20 12:0 a.m.24 views

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : postfix vulnerability (USN-636-1)

Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default...

6.2CVSS5.7AI score0.01001EPSS
Exploits6References2
Ubuntu
Ubuntu
added 2008/08/19 8:29 p.m.49 views

USN-636-1: Postfix vulnerability

Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default...

6.2CVSS5.4AI score0.01001EPSS
Exploits6
OSV
OSV
added 2001/12/31 5:0 a.m.4 views

CVE-2001-1494

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...

5.5CVSS7AI score
Exploits0References13
Rows per page
Query Builder