what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2016-2324

Status Candidate

Overview

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

Related Files

Apple Security Advisory 2016-05-03-1
Posted May 6, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-03-1 - Xcode 7.3.1 is now available and addresses a heap-based buffer overflow vulnerability.

tags | advisory, overflow
systems | apple
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | de7ad5b8d22c9f8865c6a0c295ca9fbf8e157d1ed947788a5de45f67ca0e0e1e
Red Hat Security Advisory 2016-0497-01
Posted Mar 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0497-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 212fda6729a6768d6f7ad3d832d6f9ef4276e13fe9fc71f9ae59f9653f50af59
Red Hat Security Advisory 2016-0496-01
Posted Mar 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0496-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 33481f9b2e323032036bbac27addbdbb7aca8f0d60afb5adf509af12b34245cc
Ubuntu Security Notice USN-2938-1
Posted Mar 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2938-1 - Lael Cellier discovered that Git incorrectly handled path strings in crafted Git repositories. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking Git.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | d4a0d948833adb3e11088215135e259147bc0b69370d9650067ca30edb3e8b2c
Debian Security Advisory 3521-1
Posted Mar 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3521-1 - Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 46ec78cd04db91be6d28705ff766c6c3e38dbbceacb349ca0705d85b151da1e9
Slackware Security Advisory - git Updates
Posted Mar 16, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 1c99e71a3fad9650a752f68bbbef7c024a33b46b4b822521373fefb124404fdb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close