Microsoft Visual Studio .git\config Command Execution
Medium Nessus Plugin ID 80333
SynopsisThe remote host has an application installed that is affected by a command execution vulnerability.
DescriptionThe version of Visual Studio installed on the remote host is affected by a command execution vulnerability when processing specially crafted git trees in a case-insensitive or case-normalizing file system. A remote attacker, using a specially crafted git tree, can overwrite a user's '.git/config' file when the user clones or checks out a repository, allowing arbitrary command execution.
SolutionApply the appropriate patches as recommended by Microsoft.