Lucene search
K

30 matches found

BDU FSTEC
BDU FSTEC
added 2017/11/03 12:0 a.m.19 views

The vulnerability of the distributed Git version control system, related to insufficient validation of input data, allows a hacker to execute arbitrary operating system commands.

The vulnerability of the distributed Git version control system is related to the use of insecure Perl scripts for supporting subcommands such as cvsserver. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands on behalf of the git user remotely...

9CVSS7.7AI score0.36003EPSS
Exploits0References9Affected Software2
OSV
OSV
added 2017/09/29 1:34 a.m.31 views

CVE-2017-14867

Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code i...

8.8CVSS8.9AI score
Exploits0References7
Prion
Prion
added 2017/09/29 1:34 a.m.24 views

Design/Logic Flaw

Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code i...

9CVSS8.8AI score0.36003EPSS
Exploits0References7Affected Software2
n0where
n0where
added 2015/09/14 3:9 a.m.72 views

DNS visualization: DNSViz

DNSViz is a tool for assessing the health of DNS deployments by issuing diagnostic queries, assessing the responses, and outputting the results in one of several formats. The assessment may be directed towards recursive or authoritative DNS servers, and the output may be textual, graphical, or...

0.9AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2008/02/14 12:0 a.m.32 views

GLSA-200802-06 : scponly: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200802-06 scponly: Multiple vulnerabilities Joachim Breitner reported that Subversion and rsync support invokes subcommands in an insecure manner CVE-2007-6350. It has also been discovered that scponly does not filter the -o and -...

8.5CVSS6AI score0.04362EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2007/12/14 8:46 p.m.22 views

CVE-2007-6350

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...

8.5CVSS6.3AI score0.04362EPSS
Exploits0References1
Prion
Prion
added 2007/12/14 8:46 p.m.19 views

Design/Logic Flaw

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...

8.5CVSS6.9AI score0.04362EPSS
Exploits0References15Affected Software1
NVD
NVD
added 2007/12/14 8:46 p.m.12 views

CVE-2007-6350

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...

8.5CVSS6.7AI score0.04362EPSS
Exploits0References15
Cvelist
Cvelist
added 2007/12/14 8:0 p.m.28 views

CVE-2007-6350

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...

6.5AI score0.04362EPSS
Exploits0References15
CVE
CVE
added 2007/12/14 8:0 p.m.57 views

CVE-2007-6350

CVE-2007-6350 affects scponly 4.6 and earlier, where remote authenticated users could bypass restrictions and execute code by abusing certain subcommands (unison, rsync, svn, svnserve) via a malicious SVN repository and hooks to trigger execution. Public references show Fedora advisories (2008-17...

8.5CVSS6.5AI score0.04362EPSS
Exploits0References15Affected Software1
Rows per page
Query Builder