Test Kennung:	1.3.6.1.4.1.25623.1.0.121462
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 201605-01
Zusammenfassung:	Gentoo Linux Local Security Checks GLSA 201605-01
Beschreibung:	Summary: Gentoo Linux Local Security Checks GLSA 201605-01 Vulnerability Insight: Git is vulnerable to the remote execution of arbitrary code by cloning repositories with large filenames or a large number of nested trees. Additionally, some protocols within Git, such as git-remote-ext, can execute arbitrary code found within URLs. These URLs that submodules use may come from arbitrary sources (e.g., .gitmodules files in a remote repository), and can effect those who enable recursive fetch. Restrict the allowed protocols to well known and safe ones. Solution: Update the affected packages to the latest available version. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7545 BugTraq ID: 78711 http://www.securityfocus.com/bid/78711 Debian Security Information: DSA-3435 (Google Search) http://www.debian.org/security/2016/dsa-3435 https://security.gentoo.org/glsa/201605-01 https://lkml.org/lkml/2015/10/5/683 http://www.openwall.com/lists/oss-security/2015/12/08/5 http://www.openwall.com/lists/oss-security/2015/12/09/8 http://www.openwall.com/lists/oss-security/2015/12/11/7 RedHat Security Advisories: RHSA-2015:2515 http://rhn.redhat.com/errata/RHSA-2015-2515.html http://www.securitytracker.com/id/1034501 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.533255 SuSE Security Announcement: openSUSE-SU-2015:1968 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-11/msg00066.html http://www.ubuntu.com/usn/USN-2835-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-2315 BugTraq ID: 84355 http://www.securityfocus.com/bid/84355 Debian Security Information: DSA-3521 (Google Search) http://www.debian.org/security/2016/dsa-3521 http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179121.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180763.html http://pastebin.com/UX2P2jjg http://www.openwall.com/lists/oss-security/2016/03/15/5 RedHat Security Advisories: RHSA-2016:0496 http://rhn.redhat.com/errata/RHSA-2016-0496.html http://www.securitytracker.com/id/1035290 SuSE Security Announcement: SUSE-SU-2016:0796 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00059.html SuSE Security Announcement: SUSE-SU-2016:0798 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00060.html SuSE Security Announcement: openSUSE-SU-2016:0802 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00061.html SuSE Security Announcement: openSUSE-SU-2016:0803 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00062.html SuSE Security Announcement: openSUSE-SU-2016:0826 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00071.html SuSE Security Announcement: openSUSE-SU-2016:0829 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00074.html SuSE Security Announcement: openSUSE-SU-2016:0831 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00076.html SuSE Security Announcement: openSUSE-SU-2016:0832 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00077.html SuSE Security Announcement: openSUSE-SU-2016:0958 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-04/msg00011.html http://www.ubuntu.com/usn/USN-2938-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-2324
Copyright	Copyright (C) 2016 Eero Volotinen

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.