CVE-2009-2108

Related Files

Debian Linux Security Advisory 1841-2

Posted Jan 31, 2010

Authored by Debian | Site debian.org

Debian Linux Security Advisory 1841-2 - A bug in git-core caused the security update in DSA 1841 to fail to build on a number of architectures Debian supports. This update corrects the bug and releases builds for all supported architectures.

tags | advisory

systems | linux, debian

advisories | CVE-2009-2108

SHA-256 | 5dcc8ca33d09da65b2123daef88e0d64c824d7df810dac134737c258b0d72fd3

Download | Favorite | View

Mandriva Linux Security Advisory 2009-176

Posted Jul 29, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-176 - git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2009-2108

SHA-256 | 8e6d8e09960d48b01040ac3367fd7b20b5a9b2dfe8356f578a79e6c45a70a746

Download | Favorite | View

Debian Linux Security Advisory 1841-1

Posted Jul 28, 2009

Authored by Debian | Site debian.org

Debian Security Advisory 1841-1 - It was discovered that git-daemon which is part of git-core, a popular distributed revision control system, is vulnerable to denial of service attacks caused by a programming mistake in handling requests containing extra unrecognized arguments which results in an infinite loop. While this is no problem for the daemon itself as every request will spawn a new git-daemon instance, this still results in a very high CPU consumption and might lead to denial of service conditions.

tags | advisory, denial of service

systems | linux, debian

advisories | CVE-2009-2108

SHA-256 | 1f5b8e7954072461cfe46ca03ff4605326d8249ac2a4059a4ff2b23c889b8ad7

Download | Favorite | View

Mandriva Linux Security Advisory 2009-155

Posted Jul 20, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-155 - git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2009-2108

SHA-256 | 39d32aba881272a63e274ce28478c3f7508d1473676796bd725c858eb0336517

Download | Favorite | View

Gentoo Linux Security Advisory 200907-5

Posted Jul 13, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-05 - An error in git-daemon might lead to a Denial of Service via resource consumption. Shawn O. Pearce reported that git-daemon runs into an infinite loop when handling requests that contain unrecognized arguments. Versions less than 1.6.3.3 are affected.

tags | advisory, denial of service

systems | linux, gentoo

advisories | CVE-2009-2108

SHA-256 | 4aaff3179a4042234b82d5622ee77ce7f457623fbcdf04bcb7d51055f9243923

Download | Favorite | View