Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200903-15 (git)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63546

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200903-15 (git)

Resumen: The remote host is missing updates announced in;advisory GLSA 200903-15.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200903-15.

Vulnerability Insight:
Multiple vulnerabilities in gitweb allow for remote execution of arbitrary
commands.

Solution:
All git users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-util/git-1.6.0.6'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5516
20090113 rPSA-2009-0005-1 git gitweb
http://www.securityfocus.com/archive/1/500008/100/0/threaded
33964
http://secunia.com/advisories/33964
34194
http://secunia.com/advisories/34194
4919
http://securityreason.com/securityalert/4919
ADV-2009-0175
http://www.vupen.com/english/advisories/2009/0175
DSA-1708
http://www.debian.org/security/2009/dsa-1708
GLSA-200903-15
http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml
SUSE-SR:2009:001
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html
USN-723-1
http://www.ubuntu.com/usn/USN-723-1
[oss-security] 20090120 Re: CVE request -- git
http://www.openwall.com/lists/oss-security/2009/01/20/1
[oss-security] 20090121 Re: CVE request -- git
http://www.openwall.com/lists/oss-security/2009/01/21/7
[oss-security] 20090123 Re: CVE request -- git
http://www.openwall.com/lists/oss-security/2009/01/23/2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330
http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae
http://wiki.rpath.com/Advisories:rPSA-2009-0005
https://bugzilla.redhat.com/show_bug.cgi?id=479715
https://issues.rpath.com/browse/RPL-2936
Common Vulnerability Exposure (CVE) ID: CVE-2008-5517
33215
http://www.securityfocus.com/bid/33215
http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5
Common Vulnerability Exposure (CVE) ID: CVE-2008-5916
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html
http://marc.info/?l=git&m=122975564100860&w=2
http://marc.info/?l=linux-kernel&m=122975564100863&w=2:
http://www.openwall.com/lists/oss-security/2009/01/15/2
http://www.openwall.com/lists/oss-security/2009/01/20/2
http://osvdb.org/50918
http://secunia.com/advisories/33282
http://securityreason.com/securityalert/4922
XForce ISS Database: git-gitweb-privilege-escalation(47528)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47528

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63546
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200903-15 (git)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200903-15.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200903-15. Vulnerability Insight: Multiple vulnerabilities in gitweb allow for remote execution of arbitrary commands. Solution: All git users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-util/git-1.6.0.6' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5516 20090113 rPSA-2009-0005-1 git gitweb http://www.securityfocus.com/archive/1/500008/100/0/threaded 33964 http://secunia.com/advisories/33964 34194 http://secunia.com/advisories/34194 4919 http://securityreason.com/securityalert/4919 ADV-2009-0175 http://www.vupen.com/english/advisories/2009/0175 DSA-1708 http://www.debian.org/security/2009/dsa-1708 GLSA-200903-15 http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml SUSE-SR:2009:001 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html USN-723-1 http://www.ubuntu.com/usn/USN-723-1 [oss-security] 20090120 Re: CVE request -- git http://www.openwall.com/lists/oss-security/2009/01/20/1 [oss-security] 20090121 Re: CVE request -- git http://www.openwall.com/lists/oss-security/2009/01/21/7 [oss-security] 20090123 Re: CVE request -- git http://www.openwall.com/lists/oss-security/2009/01/23/2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330 http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae http://wiki.rpath.com/Advisories:rPSA-2009-0005 https://bugzilla.redhat.com/show_bug.cgi?id=479715 https://issues.rpath.com/browse/RPL-2936 Common Vulnerability Exposure (CVE) ID: CVE-2008-5517 33215 http://www.securityfocus.com/bid/33215 http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5 Common Vulnerability Exposure (CVE) ID: CVE-2008-5916 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html http://marc.info/?l=git&m=122975564100860&w=2 http://marc.info/?l=linux-kernel&m=122975564100863&w=2: http://www.openwall.com/lists/oss-security/2009/01/15/2 http://www.openwall.com/lists/oss-security/2009/01/20/2 http://osvdb.org/50918 http://secunia.com/advisories/33282 http://securityreason.com/securityalert/4922 XForce ISS Database: git-gitweb-privilege-escalation(47528) https://exchange.xforce.ibmcloud.com/vulnerabilities/47528
Copyright	Copyright (C) 2009 E-Soft Inc.