CVE-2008-5517

NameCVE-2008-5517
DescriptionThe web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1708-1
NVD severityhigh (attack range: remote)
Debian Bugs512330

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
git-coresource(unstable)1:1.5.6.5-2low512330
git-coresourceetch1:1.4.4.4-4+etch1highDSA-1708-1

Search for package or bug name: Reporting problems