Download
| Alert*
oval:org.secpod.oval:def:42148
The host is missing a security update according to Apple advisory, APPLE-SA-2016-09-13-2. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to execute arb ... oval:org.secpod.oval:def:2101172 A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim"s machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim co ... oval:org.secpod.oval:def:505078 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ... oval:org.secpod.oval:def:89044992 This update for git fixes the following issues: - CVE-2017-1000117: A client side code execution via shell injection when receiving special submodule strings from a malicious server was fixed oval:org.secpod.oval:def:204582 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ... oval:org.secpod.oval:def:70583 Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules. oval:org.secpod.oval:def:42141 The host is installed with Xcode before 9.0 on Apple Mac OS X 10.12.6 or later or Git before 2.7.6, 2.8.x before 2.8.6, 2.9.x before 2.9.5, 2.10.x before 2.10.4, 2.11.x before 2.11.3, 2.12.x before 2.12.4, 2.13.x before 2.13.5, 2.14.x before 2.14.1 and is prone to arbitrary code execution vulnerabil ... oval:org.secpod.oval:def:204548 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ... oval:org.secpod.oval:def:1600763 Command injection via malicious ssh URLs:A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "c ... oval:org.secpod.oval:def:703753 git: fast, scalable, distributed revision control system Git could be made run programs as your login if it opened a specially crafted git repository. oval:org.secpod.oval:def:51867 git: fast, scalable, distributed revision control system Git could be made run programs as your login if it opened a specially crafted git repository. oval:org.secpod.oval:def:603052 Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules. oval:org.secpod.oval:def:1501950 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502122 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ... oval:org.secpod.oval:def:113045 Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ... oval:org.secpod.oval:def:502123 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ... oval:org.secpod.oval:def:113040 Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ... oval:org.secpod.oval:def:50038 The host is installed with Git before 2.7.6, 2.8.6, 2.9.5, 2.10.4, 2.11.3, 2.12.4, 2.13.5 or 2.14.1 and is prone to an input validation error vulnerability. A flaw is present in the application, which fails to handle the crated ssh url. Successful exploitation allows remote attackers to execute arbi ... oval:org.secpod.oval:def:1501964 The advisory is missing the security advisory description. For more information please visit the reference link |