Scientific Linux Security Update : git on SL7.x x86_64

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- A shell command injection flaw related to the handling
of 'ssh' URLs has been discovered in Git. An attacker
could use this flaw to execute shell commands with the
privileges of the user running the Git client, for
example, when performing a 'clone' action on a malicious
repository or a legitimate repository containing a
malicious commit. (CVE-2017-1000117)

See also :

http://www.nessus.org/u?59432b89

Solution :

Update the affected packages.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 102674 ()

Bugtraq ID:

CVE ID: CVE-2017-1000117

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now