cgit ‘Author’ Field Remote Denial of Service Vulnerability

Summary

cgit is prone to a remote denial-of-service vulnerability.

Credit:

The information has been provided by Jim Meyering.


Details

Vulnerable Systems:
 * cgit 0.9.0.2-2 and prior

Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the ‘Author’ field in a commit.

Some vulnerabilities have been reported in cgit, which can be exploited by malicious users to cause a DoS (Denial of Service) and compromise a vulnerable system:
 1) An error when parsing the ‘Author’ field of a Git commit can be exploited to cause a heap-based buffer overflow and crash the application.
 2) An error in the syntax-highlighting.sh script when processing the ‘--plug-in’ argument can be exploited to inject shell commands.
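An added example (not cgit's code and not part of the advisory) of parsing a commit 'author' header so that an empty name yields an empty string instead of a negative copy length. The function names and sample header lines are constructed, and the pointer-difference mechanism described in the comments is an assumption about how an empty name can become an oversized copy.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not cgit's code): copy [head, tail) into a new
 * NUL-terminated string. A tail at or before head is an empty range;
 * it must never reach the allocator or the copy as a huge size_t. */
static char *safe_substr(const char *head, const char *tail)
{
    size_t len = (tail > head) ? (size_t)(tail - head) : 0;
    char *buf = malloc(len + 1);
    if (!buf)
        return NULL;
    memcpy(buf, head, len);
    buf[len] = '\0';
    return buf;
}

/* Extract NAME from "author NAME <EMAIL> TIMESTAMP TZ".
 * Returns a malloc'd string ("" for an empty name), NULL if malformed. */
char *parse_author_name(const char *line)
{
    static const char prefix[] = "author ";
    const char *name, *end, *lt, *tail;
    if (strncmp(line, prefix, sizeof(prefix) - 1) != 0)
        return NULL;
    name = line + sizeof(prefix) - 1;
    end = name + strcspn(name, "\n");           /* stay inside this header */
    lt = memchr(name, '<', (size_t)(end - name));
    if (!lt)
        return NULL;                            /* no e-mail delimiter */
    /* Taking the end as lt - 1 would put it before name when the name is
     * empty (assumed mechanism); a trim bounded by name cannot go negative. */
    tail = lt;
    while (tail > name && tail[-1] == ' ')
        tail--;
    return safe_substr(name, tail);
}

int main(void)
{
    /* Constructed sample headers, the second with an empty name. */
    const char *ok = "author Jane Doe <jane@example.com> 1349049600 +0000\n";
    const char *empty = "author <jane@example.com> 1349049600 +0000\n";
    char *a = parse_author_name(ok), *b = parse_author_name(empty);
    printf("[%s] [%s]\n", a ? a : "(null)", b ? b : "(null)");
    free(a); free(b);
    return 0;
}
```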

CVE Information:
CVE-2012-4465

Disclosure Timeline:
Published: Oct 01 2012 12:00AM
Updated: Oct 12 2012 06:40PM
