oval:org.mitre.oval:def:12780
| Definition Id: oval:org.mitre.oval:def:12780 | |||
| Oval ID: | oval:org.mitre.oval:def:12780 | ||
| Title: | DSA-1708-1 git-core -- shell command injection | ||
| Description: | It was discovered that gitweb, the web interface for the Git version control system, contained several vulnerabilities: Remote attackers could use crafted requests to execute shell commands on the web server, using the snapshot generation and pickaxe search functionality. Local users with write access to the configuration of a Git repository served by gitweb could cause gitweb to execute arbitrary shell commands with the permission of the web server. For the stable distribution, these problems have been fixed in version 1:1.4.4.4-4+etch1. For the unstable distribution and testing distribution, the remote shell command injection issuei has been fixed in version 1.5.6-1. The other issue will be fixed soon. We recommend that you upgrade your Git packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1708-1 CVE-2008-5516 CVE-2008-5517 CVE-2008-5916 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | git-core |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6461 | |||
| Oval ID: | oval:org.mitre.oval:def:6461 | ||
| Title: | Debian GNU/Linux 4.0 is installed. | ||
| Description: | Debian GNU/Linux 4.0 (etch) is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/linux:4.0 | Version: | 9 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:12780 | |||
