what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2016-2324

Status Candidate

Overview

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

Related Files

Apple Security Advisory 2016-05-03-1
Posted May 6, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-03-1 - Xcode 7.3.1 is now available and addresses a heap-based buffer overflow vulnerability.

tags | advisory, overflow
systems | apple
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | de7ad5b8d22c9f8865c6a0c295ca9fbf8e157d1ed947788a5de45f67ca0e0e1e
Red Hat Security Advisory 2016-0497-01
Posted Mar 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0497-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 212fda6729a6768d6f7ad3d832d6f9ef4276e13fe9fc71f9ae59f9653f50af59
Red Hat Security Advisory 2016-0496-01
Posted Mar 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0496-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 33481f9b2e323032036bbac27addbdbb7aca8f0d60afb5adf509af12b34245cc
Ubuntu Security Notice USN-2938-1
Posted Mar 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2938-1 - Lael Cellier discovered that Git incorrectly handled path strings in crafted Git repositories. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking Git.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | d4a0d948833adb3e11088215135e259147bc0b69370d9650067ca30edb3e8b2c
Debian Security Advisory 3521-1
Posted Mar 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3521-1 - Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 46ec78cd04db91be6d28705ff766c6c3e38dbbceacb349ca0705d85b151da1e9
Slackware Security Advisory - git Updates
Posted Mar 16, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-2315, CVE-2016-2324
SHA-256 | 1c99e71a3fad9650a752f68bbbef7c024a33b46b4b822521373fefb124404fdb
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close