Executive Summary
Summary | |
---|---|
Title | Git vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-723-1 | First vendor Publication | 2009-02-18 |
Vendor | Ubuntu | Last vendor Modification | 2009-02-18 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 7.10: Ubuntu 8.04 LTS: Ubuntu 8.10: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Git did not properly handle long file paths. If a user were tricked into performing commands on a specially crafted Git repository, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-3546) It was discovered that the Git web interface (gitweb) did not correctly handle shell metacharacters when processing certain commands. A remote attacker could send specially crafted commands to the Git server and execute arbitrary code with the privileges of the Git web server. This issue only applied to Ubuntu 7.10 and 8.04 LTS. (CVE-2008-5516, CVE-2008-5517) It was discovered that the Git web interface (gitweb) did not properly restrict the diff.external configuration parameter. A local attacker could exploit this issue and execute arbitrary code with the privileges of the Git web server. This issue only applied to Ubuntu 8.04 LTS and 8.10. (CVE-2008-5916) |
Original Source
Url : http://www.ubuntu.com/usn/USN-723-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
40 % | CWE-264 | Permissions, Privileges, and Access Controls |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
20 % | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12780 | |||
Oval ID: | oval:org.mitre.oval:def:12780 | ||
Title: | DSA-1708-1 git-core -- shell command injection | ||
Description: | It was discovered that gitweb, the web interface for the Git version control system, contained several vulnerabilities: Remote attackers could use crafted requests to execute shell commands on the web server, using the snapshot generation and pickaxe search functionality. Local users with write access to the configuration of a Git repository served by gitweb could cause gitweb to execute arbitrary shell commands with the permission of the web server. For the stable distribution, these problems have been fixed in version 1:1.4.4.4-4+etch1. For the unstable distribution and testing distribution, the remote shell command injection issuei has been fixed in version 1.5.6-1. The other issue will be fixed soon. We recommend that you upgrade your Git packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1708-1 CVE-2008-5516 CVE-2008-5517 CVE-2008-5916 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | git-core |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20022 | |||
Oval ID: | oval:org.mitre.oval:def:20022 | ||
Title: | DSA-1637-1 git-core - buffer overflow | ||
Description: | Multiple vulnerabilities have been identified in git-core, the core of the git distributed revision control system. Improper path length limitations in git's diff and grep functions, in combination with maliciously crafted repositories or changes, could enable a stack buffer overflow and potentially the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1637-1 CVE-2008-3546 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | git-core |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7389 | |||
Oval ID: | oval:org.mitre.oval:def:7389 | ||
Title: | DSA-1637 git-core -- buffer overflow | ||
Description: | Multiple vulnerabilities have been identified in git-core, the core of the git distributed revision control system. Improper path length limitations in git's diff and grep functions, in combination with maliciously crafted repositories or changes, could enable a stack buffer overflow and potentially the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies this vulnerability as CVE-2008-3546. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1637 CVE-2008-3546 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | git-core |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7699 | |||
Oval ID: | oval:org.mitre.oval:def:7699 | ||
Title: | DSA-1708 git-core -- shell command injection | ||
Description: | It was discovered that gitweb, the web interface for the Git version control system, contained several vulnerabilities: Remote attackers could use crafted requests to execute shell commands on the web server, using the snapshot generation and pickaxe search functionality (CVE-2008-5916). Local users with write access to the configuration of a Git repository served by gitweb could cause gitweb to execute arbitrary shell commands with the permission of the web server (CVE-2008-5516, CVE-2008-5517). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1708 CVE-2008-5516 CVE-2008-5517 CVE-2008-5916 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | git-core |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-02-18 | gitWeb v1.5.2 Remote Command Execution |
OpenVAS Exploits
Date | Description |
---|---|
2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-15 (git) File : nvt/glsa_200903_15.nasl |
2009-02-17 | Name : Fedora Update for git FEDORA-2008-9080 File : nvt/gb_fedora_2008_9080_git_fc9.nasl |
2009-02-13 | Name : Fedora Update for git FEDORA-2008-11650 File : nvt/gb_fedora_2008_11650_git_fc9.nasl |
2009-02-13 | Name : Fedora Update for git FEDORA-2008-11653 File : nvt/gb_fedora_2008_11653_git_fc8.nasl |
2009-01-20 | Name : Debian Security Advisory DSA 1708-1 (git-core) File : nvt/deb_1708_1.nasl |
2009-01-20 | Name : FreeBSD Ports: git File : nvt/freebsd_git.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1) File : nvt/suse_sr_2009_001.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0) File : nvt/suse_sr_2009_001a.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3) File : nvt/suse_sr_2009_001b.nasl |
2008-09-28 | Name : Gentoo Security Advisory GLSA 200809-16 (git) File : nvt/glsa_200809_16.nasl |
2008-09-17 | Name : Debian Security Advisory DSA 1637-1 (git-core) File : nvt/deb_1637_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-051-02 git File : nvt/esoft_slk_ssa_2009_051_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
53539 | GIT gitweb git_search Shell Metacharacter Arbitrary Command Execution |
53538 | GIT gitweb git_snapshot / git_object Shell Metacharacter Arbitrary Command Ex... |
50918 | GIT gitweb/gitweb.perl diff.external Configuration Variable Crafted Query Loc... |
47330 | GIT Repository Pathname Handling Multiple Function Overflows |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-04-08 | Name : The remote web server contains a CGI script that can be abused to execute arb... File : gitweb_git_search_cmd_exec.nasl - Type : ACT_ATTACK |
2010-02-21 | Name : The remote web server contains a CGI script that can be abused to execute arb... File : gitweb_git_object_cmd_exec.nasl - Type : ACT_ATTACK |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_git-080907.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-723-1.nasl - Type : ACT_GATHER_INFO |
2009-03-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-15.nasl - Type : ACT_GATHER_INFO |
2009-02-23 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-051-02.nasl - Type : ACT_GATHER_INFO |
2009-01-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1708.nasl - Type : ACT_GATHER_INFO |
2009-01-11 | Name : The remote openSUSE host is missing a security update. File : suse_git-5892.nasl - Type : ACT_GATHER_INFO |
2008-12-22 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11650.nasl - Type : ACT_GATHER_INFO |
2008-12-22 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11653.nasl - Type : ACT_GATHER_INFO |
2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9080.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-16.nasl - Type : ACT_GATHER_INFO |
2008-09-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1637.nasl - Type : ACT_GATHER_INFO |
2008-09-10 | Name : The remote openSUSE host is missing a security update. File : suse_git-5585.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:05:41 |
|