Definition Id: oval:org.mitre.oval:def:12780
Oval ID: oval:org.mitre.oval:def:12780
Title: DSA-1708-1 git-core -- shell command injection
Description: It was discovered that gitweb, the web interface for the Git version control system, contained several vulnerabilities: Remote attackers could use crafted requests to execute shell commands on the web server, using the snapshot generation and pickaxe search functionality. Local users with write access to the configuration of a Git repository served by gitweb could cause gitweb to execute arbitrary shell commands with the permission of the web server. For the stable distribution, these problems have been fixed in version 1: For the unstable distribution and testing distribution, the remote shell command injection issuei has been fixed in version 1.5.6-1. The other issue will be fixed soon. We recommend that you upgrade your Git packages.
Family: unix Class: patch
Reference(s): DSA-1708-1
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): git-core
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6461
Oval ID: oval:org.mitre.oval:def:6461
Title: Debian GNU/Linux 4.0 is installed.
Description: Debian GNU/Linux 4.0 (etch) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:4.0
Version: 9
Platform(s): Debian GNU/Linux 4.0
Definition Synopsis:
Referenced By: