Launchpad CVE tracker

CVE 2009-2108

git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.

Related bugs and status

CVE-2009-2108 (Candidate) is related to these bugs:

Bug #393100: Sync git-core 1:1.6.3.3-1 (main) from Debian unstable (main).

Summary				In	Importance	Status
	393100	Sync git-core 1:1.6.3.3-1 (main) from Debian unstable (main).		git-core (Ubuntu)	Wishlist	Invalid

See the

CVE page on Mitre.org for more details.

References

MLIST: [fedora-security-list]...
MLIST: [oss-security] 2009061...
MISC: http://article.gmane.o...
MISC: http://thread.gmane.or...
OSVDB: 55034
SECTRACK: 1022398
SECUNIA: 35437
VUPEN: ADV-2009-1579
FEDORA: FEDORA-2009-6809
FEDORA: FEDORA-2009-6839
FEDORA: FEDORA-2009-6936
BID: 35338
GENTOO: GLSA-200907-05
SECUNIA: 35730
MANDRIVA: MDVSA-2009:155
XF: gitdaemon-xinetd-dos(5...

Launchpad.net

CVE 2009-2108

Related bugs and status

Related bugs

References