CentOS Local Security Checks : CentOS Update for emacs-git CESA-2017:2485 centos6

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882761

Categoría: CentOS Local Security Checks

Título: CentOS Update for emacs-git CESA-2017:2485 centos6

Resumen: Check the version of emacs-git

Descripción: Summary:
Check the version of emacs-git

Vulnerability Insight:
Git is a distributed revision control
system with a decentralized architecture. As opposed to centralized version
control systems with a client-server model, Git ensures that each working
copy of a Git repository is an exact copy with complete revision history.
This not only allows the user to work on and contribute to projects without
the need to have permission to push the changes to their official repositories,
but also makes it possible for the user to work with no network connection.

Security Fix(es):

* A shell command injection flaw related to the handling of 'ssh' URLs has
been discovered in Git. An attacker could use this flaw to execute shell
commands with the privileges of the user running the Git client, for
example, when performing a 'clone' action on a malicious repository or a
legitimate repository containing a malicious commit. (CVE-2017-1000117)

Affected Software/OS:
emacs-git on CentOS 6

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-1000117
BugTraq ID: 100283
http://www.securityfocus.com/bid/100283
Debian Security Information: DSA-3934 (Google Search)
http://www.debian.org/security/2017/dsa-3934
https://www.exploit-db.com/exploits/42599/
https://security.gentoo.org/glsa/201709-10
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html
RedHat Security Advisories: RHSA-2017:2484
https://access.redhat.com/errata/RHSA-2017:2484
RedHat Security Advisories: RHSA-2017:2485
https://access.redhat.com/errata/RHSA-2017:2485
RedHat Security Advisories: RHSA-2017:2491
https://access.redhat.com/errata/RHSA-2017:2491
RedHat Security Advisories: RHSA-2017:2674
https://access.redhat.com/errata/RHSA-2017:2674
RedHat Security Advisories: RHSA-2017:2675
https://access.redhat.com/errata/RHSA-2017:2675
http://www.securitytracker.com/id/1039131

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882761
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for emacs-git CESA-2017:2485 centos6
Resumen:	Check the version of emacs-git
Descripción:	Summary: Check the version of emacs-git Vulnerability Insight: Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * A shell command injection flaw related to the handling of 'ssh' URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a 'clone' action on a malicious repository or a legitimate repository containing a malicious commit. (CVE-2017-1000117) Affected Software/OS: emacs-git on CentOS 6 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000117 BugTraq ID: 100283 http://www.securityfocus.com/bid/100283 Debian Security Information: DSA-3934 (Google Search) http://www.debian.org/security/2017/dsa-3934 https://www.exploit-db.com/exploits/42599/ https://security.gentoo.org/glsa/201709-10 https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html RedHat Security Advisories: RHSA-2017:2484 https://access.redhat.com/errata/RHSA-2017:2484 RedHat Security Advisories: RHSA-2017:2485 https://access.redhat.com/errata/RHSA-2017:2485 RedHat Security Advisories: RHSA-2017:2491 https://access.redhat.com/errata/RHSA-2017:2491 RedHat Security Advisories: RHSA-2017:2674 https://access.redhat.com/errata/RHSA-2017:2674 RedHat Security Advisories: RHSA-2017:2675 https://access.redhat.com/errata/RHSA-2017:2675 http://www.securitytracker.com/id/1039131
Copyright	Copyright (C) 2017 Greenbone AG