This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:git:git:0.99.9n |
| Detail | |||
|---|---|---|---|
| Vendor | Git | First view | 2009-01-20 |
| Product | Git | Last view | 2017-09-28 |
| Version | 0.99.9n | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:git:git | ||
Activity : Overall
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9 | 2017-09-28 | CVE-2017-14867 | Network | Low | Requires ... | |
| 4.3 | 2013-03-08 | CVE-2013-0308 | Network | Medium | None Requ... | |
| 4.3 | 2010-12-17 | CVE-2010-3906 | Network | Medium | None Requ... | |
| 7.5 | 2010-08-11 | CVE-2010-2542 | Network | Low | None Requ... | |
| 7.5 | 2009-01-20 | CVE-2008-5516 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (2) | CWE-20 | Improper Input Validation |
| 16% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 16% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 16% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 16% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:22223 | RHSA-2010:1003: git security update (Moderate) |
| oval:org.mitre.oval:def:23492 | ELSA-2010:1003: git security update (Moderate) |
| oval:org.mitre.oval:def:27949 | DEPRECATED: ELSA-2010-1003 -- git security update (moderate) |
| oval:org.mitre.oval:def:21085 | RHSA-2013:0589: git security update (Moderate) |
| oval:org.mitre.oval:def:23297 | ELSA-2013:0589: git security update (Moderate) |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:27590 | DEPRECATED: ELSA-2013-0589 -- git security update (moderate) |
| oval:org.mitre.oval:def:12423 | DSA-2114-1 git-core -- buffer overflow |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 69929 | Gitweb index.php Multiple Parameter XSS |
| 67091 | Git setup.c is_git_directory Function gitdir: Field Overflow |
| 53539 | GIT gitweb git_search Shell Metacharacter Arbitrary Command Execution |
ExploitDB Exploits
| id | Description |
|---|---|
| 15744 | Gitweb <=1.7.3.3 Cross Site Scripting |
| 11497 | gitWeb v1.5.2 Remote Command Execution |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-03-24 | Name : Fedora Update for cgit FEDORA-2011-2815 File : nvt/gb_fedora_2011_2815_cgit_fc13.nasl |
| 2011-01-11 | Name : Fedora Update for git FEDORA-2010-18973 File : nvt/gb_fedora_2010_18973_git_fc13.nasl |
| 2010-12-28 | Name : Mandriva Update for git MDVSA-2010:256 (git) File : nvt/gb_mandriva_MDVSA_2010_256.nasl |
| 2010-12-28 | Name : Fedora Update for git FEDORA-2010-18981 File : nvt/gb_fedora_2010_18981_git_fc14.nasl |
| 2010-12-02 | Name : Fedora Update for cgit FEDORA-2010-15387 File : nvt/gb_fedora_2010_15387_cgit_fc14.nasl |
| id | Description |
|---|---|
| 2010-10-19 | Name : Fedora Update for cgit FEDORA-2010-15501 File : nvt/gb_fedora_2010_15501_cgit_fc12.nasl |
| 2010-10-19 | Name : Fedora Update for cgit FEDORA-2010-15534 File : nvt/gb_fedora_2010_15534_cgit_fc13.nasl |
| 2010-10-04 | Name : Mandriva Update for git MDVSA-2010:194 (git) File : nvt/gb_mandriva_MDVSA_2010_194.nasl |
| 2010-08-21 | Name : FreeBSD Ports: git File : nvt/freebsd_git1.nasl |
| 2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
| 2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-15 (git) File : nvt/glsa_200903_15.nasl |
| 2009-01-20 | Name : Debian Security Advisory DSA 1708-1 (git-core) File : nvt/deb_1708_1.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2009-051-02 git File : nvt/esoft_slk_ssa_2009_051_02.nasl |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2017-10-18 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2747-1.nasl - Type : ACT_GATHER_INFO |
| 2017-10-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-3438-1.nasl - Type : ACT_GATHER_INFO |
| 2017-10-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1115.nasl - Type : ACT_GATHER_INFO |
| 2017-10-03 | Name : The remote Debian host is missing a security update. File : debian_DLA-1120.nasl - Type : ACT_GATHER_INFO |
| 2017-09-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3984.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_git-110117.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-170.nasl - Type : ACT_GATHER_INFO |
| 2014-01-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-06.nasl - Type : ACT_GATHER_INFO |
| 2013-09-24 | Name : The remote host has an application installed that is prone to a man-in-the-mi... File : macosx_xcode_5_0.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0589.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-1003.nasl - Type : ACT_GATHER_INFO |
| 2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0589.nasl - Type : ACT_GATHER_INFO |
| 2013-03-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130304_git_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0589.nasl - Type : ACT_GATHER_INFO |
| 2013-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2763.nasl - Type : ACT_GATHER_INFO |
| 2013-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2829.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101221_git_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_git-110117.nasl - Type : ACT_GATHER_INFO |
| 2011-04-08 | Name : The remote web server contains a CGI script that can be abused to execute arb... File : gitweb_git_search_cmd_exec.nasl - Type : ACT_ATTACK |
| 2011-01-04 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18973.nasl - Type : ACT_GATHER_INFO |
| 2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18981.nasl - Type : ACT_GATHER_INFO |
| 2010-12-23 | Name : The remote web server hosts a CGI script that is prone to a cross- site scrip... File : gitweb_f_xss.nasl - Type : ACT_ATTACK |
| 2010-12-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-1003.nasl - Type : ACT_GATHER_INFO |
| 2010-12-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-256.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15501.nasl - Type : ACT_GATHER_INFO |
