cgit ‘Author’ Field Remote Denial of Service Vulnerability
The information has been provided by Jim Meyering.
* cgit 0.9.0.2-2 and prior
Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the ‘Author’ field in a commit.
Some vulnerabilities have been reported in cgit, which can be exploited by malicious users to cause a DoS (Denial of Service) and compromise a vulnerable system.
1) An error when parsing the ‘Author’ field of a Git commit can be exploited to cause a heap-based buffer overflow and crash the application.
2) An error in the syntax-highlighting.sh script when processing the ‘--plug-in’ argument can be exploited to inject shell commands.
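The first issue, shown from the defensive side as an added example (not cgit's code and not part of the advisory): a C parser for a commit's author line whose substring helper treats a reversed span as empty instead of computing a negative length. The function names and the head/tail pointer interface are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Added example, not cgit's code. Copies the bytes in [head, tail).
 * Assumption: the span is given as two pointers, so an empty name can
 * produce tail < head; that must never reach the size arithmetic. */
static char *safe_substr(const char *head, const char *tail)
{
	size_t len = (tail > head) ? (size_t)(tail - head) : 0;
	char *buf = malloc(len + 1);
	if (!buf)
		return NULL;
	if (len)
		memcpy(buf, head, len);
	buf[len] = '\0';
	return buf;
}

/* Parse "author NAME <EMAIL> ..." from one commit header line.
 * Returns 0 on success; caller frees *name and *email (also on failure). */
int parse_author(const char *line, char **name, char **email)
{
	static const char prefix[] = "author ";
	const char *p, *lt, *gt;

	*name = *email = NULL;
	if (strncmp(line, prefix, sizeof(prefix) - 1) != 0)
		return -1;
	p = line + sizeof(prefix) - 1;
	lt = strchr(p, '<');
	gt = lt ? strchr(lt, '>') : NULL;
	if (!gt)
		return -1;
	/* The name ends at the space before '<'. With an empty name lt == p,
	 * so lt - 1 is before p: the case a naive tail - head length gets wrong. */
	*name = safe_substr(p, lt - 1);
	*email = safe_substr(lt + 1, gt);
	return (*name && *email) ? 0 : -1;
}

/* Returns 1 when the line parses and yields exactly these fields. */
int author_is(const char *line, const char *name, const char *email)
{
	char *n, *e;
	int ok = parse_author(line, &n, &e) == 0 && !strcmp(n, name) && !strcmp(e, email);
	free(n);
	free(e);
	return ok;
}
```

Without the `tail > head` guard, the pointer difference for an empty name is negative and becomes a huge `size_t` once it is used as a copy length, while the allocation stays tiny.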
Published: Oct 01 2012 12:00AM
Updated: Oct 12 2012 06:40PM