Lucene search

9 matches found

Hacker One
added 2017/08/14 8:53 p.m., 80 views

Internet Bug Bounty: RCE via ssh:// URIs in multiple VCS

I'd like to submit an RCE issue within Git, SVN and Mercurial. The CVEs are: CVE-2017-9800 (Subversion), CVE-2017-1000116 (Mercurial hg), CVE-2017-1000117 (Git). Further info can be found at: http://blog.recurity-labs.com/2017-08-10/scm-vulns And product specific:...

CVSS 10, AI score 8.8, EPSS 0.70245
Exploits: 11
Tenable Nessus
added 2017/08/14 12:0 a.m., 40 views

FreeBSD : GitLab -- two vulnerabilities (abcc5ad3-7e6a-11e7-93f7-d43d7e971a1b)

GitLab reports: Remote Command Execution in git client. An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the 'Repo by URL' import option in GitLab. The command line git client was not properly escaping comman...

CVSS 8.8, AI score 8.4, EPSS 0.00636
Exploits: 1, References: 3
Tenable Nessus
added 2017/08/14 12:0 a.m., 31 views

Fedora 25 : git (2017-8ba7572cfd)

Resolve an arbitrary code execution vulnerability via crafted 'ssh://' URL (CVE-2017-1000117). From the release announcement: A malicious third-party can give a crafted 'ssh://...' URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's...

CVSS 8.8, AI score 7.5, EPSS 0.70245
Exploits: 9, References: 2
seebug.org
added 2017/08/11 12:0 a.m., 115 views

Remote Command Execution in git client (CVE-2017-12426)

Remote Command Execution in git client (CVE-2017-12426). An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the "Repo by URL" import option in GitLab. The command line git client was not properly escaping command...

CVSS 6.8, AI score 9.2, EPSS 0.00636
Exploits: 1
VMware
added 2014/04/08 12:0 a.m., 85 views

VMSA-2014-0003: VMware vSphere Client updates address security vulnerabilities

VMware Security Advisory. Advisory ID: VMSA-2014-0003. Synopsis: VMware vSphere Client updates address security vulnerabilities. Issue date:...

CVSS 9.3, AI score 6.3, EPSS 0.04133
Exploits: 1, References: 3, Affected Software: 1
Cisco
added 2013/05/29 3:7 p.m., 26 views

Cisco Nexus 1000V Insufficient VSM/VEM Authentication Vulnerability

A vulnerability in the Cisco Nexus 1000V could allow an unauthenticated, remote attacker to obtain control over a Virtual Ethernet Module (VEM) and associated port groups. The vulnerability is due to insufficient authentication between a VEM and a Virtual Supervisor Module (VSM). An attacker could...

CVSS 5, AI score 1.7, EPSS 0.00353
Exploits: 0, References: 1
Huawei
added 2012/08/04 12:0 a.m., 12 views

Security Advisory-HTTP Session Management Vulnerability in HTTP Module

Branch Intelligent Management System (BIMS) and Web management are provided by Huawei for network and device management. Both BIMS and Web management use HTTP. Therefore, to use BIMS and Web management, you must enable HTTP. Because HTTP session ID generation is weak and predictable, an attacker can...

AI score 6.6
Exploits: 0
Huawei
added 2012/08/04 12:0 a.m., 22 views

Security Advisory-Buffer Overflow on Stack in HTTP Module

Branch Intelligent Management System (BIMS) and Web management are provided by Huawei for network and device management. Both BIMS and Web management use HTTP. Therefore, to use BIMS and Web management, you must enable HTTP. Attackers can cause a stack overflow by sending messages with the URI whose...

AI score 7.6
Exploits: 0
Huawei
added 2012/08/04 12:0 a.m., 13 views

Security Advisory-Buffer Overflow on Heap When Parsing HTTP Response in HTTP Module

Branch Intelligent Management System (BIMS) and Web management are provided by Huawei for network and device management. Both BIMS and Web management use HTTP. Therefore, to use BIMS and Web management, you must enable HTTP. Attackers can cause a heap overflow by sending malformed HTTP Response message...

AI score 7.2
Exploits: 0