Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fossil 安全漏洞
Vulnerability Description
Fossil是一款免费、开源的分布式软件配置管理系统。该系统支持版本控制、错误跟踪等功能。 Fossil 2.4之前的版本中的http_transport.c文件存在安全漏洞。远程攻击者可借助特制的ssh:// URL利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A