Astra Linux - vulnerability in git
Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...
EUVD-1999-0805
Malware in sbrugna...
PT-2024-40190 · Packagist · Typo3/Cms-Core
Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided. Description: The issue arises from improper encoding of user input, making the login status display susceptible to cross-site scripting in the website frontend. To exploit this, a valid...
git: Heap overflow in `git archive`, `git log --format` leading to RCE
A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::format_and_pad_commit, where a size_t is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...
CVE-2022-41903
A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::format_and_pad_commit, where a size_t is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...
Integer Overflow
git is vulnerable to integer overflows. When processing the padding operators, there is an integer overflow in pretty.c::format_and_pad_commit where a size_t is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command whi...
ALPINE-CVE-2022-41903
Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...
UBUNTU-CVE-2022-41903
Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...
git -- Heap overflow in `git archive`, `git log --format` leading to RCE
The git team reports: git log has the ability to display commits using an arbitrary format with its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators e.g., %, %, or % , an integer overflow can occur in...
openSUSE 15 Security Update : zsh (openSUSE-SU-2022:0735-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0735-1 advisory. - In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite...
zsh null pointer dereference vulnerability
zsh is an interactive command interpreter and command programming language used on Linux systems. A security vulnerability exists in the subst.c file in zsh 5.4.2 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service (null pointer dereference...
Microsoft Windows 2000/NT 4 NTFS File Hiding Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3989/info There exists a condition in Microsoft Windows operating systems using NTFS that may allow for files to be hidden. Though the NTFS filesystem allows for a 32000 character path, Microsoft Windows operating systems...
Sword go side door---SUBST magical-vulnerability warning-the black bar safety net
Source:T00ls Sometimes we invade when there is no way to include the site directory, this time you can try using the SUBST transfer directory: Everyone take a look: ! There is no way the column directory, we execute the CMD DIR command to see: ! Or not, we execute the CMD of the SUBST command: ! ...
CVE-2003-1246
CVE-2003-1246 affects the Integrity Protection Driver (IPD) versions 1.2 and 1.3. The vulnerability is in NtCreateSymbolicLinkObject within ntdll.dll, allowing a local attacker to create and overwrite arbitrary files under boot/system path via a symlink attack on \winnt\system32\drivers using the...
CVE-2003-1246
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver IPD 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command...
PT-2003-2178 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: Pedestal Software Integrity Protection Driver IPD versions 1.3 and earlier Description: The issue allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel. This is achieved by using the...
Integrity Protection Driver protection bypass
Drivers protection may be bypassed via subst link to drivers directory or NtCreateSymbolicLinkObject API...