Vulnerability-Lookup

CVE-2018-17456 (GCVE-0-2018-17456)

Vulnerability from cvelistv5 – Published: 2018-10-06 14:00 – Updated: 2024-08-05 10:47

Summary

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

GHSA-G986-JP62-5XQ6

Vulnerability from github – Published: 2022-05-13 01:19 – Updated: 2022-05-13 01:19

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-17456"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-88"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-06T14:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a \u0027-\u0027 character.",
  "id": "GHSA-g986-jp62-5xq6",
  "modified": "2022-05-13T01:19:25Z",
  "published": "2022-05-13T01:19:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17456"
    },
    {
      "type": "WEB",
      "url": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404"
    },
    {
      "type": "WEB",
      "url": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3408"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3505"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3541"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0316"
    },
    {
      "type": "WEB",
      "url": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Mar/30"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3791-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4311"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45548"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45631"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2018/10/06/3"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105523"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107511"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041811"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2018-17456

Vulnerability from fstec - Published: 05.10.2018

Title

Уязвимость функционала «git clone» распределенной системы контроля версий Git, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость функционала «git clone» распределенной системы контроля версий Git связана с некорректной обработкой рекурсивной задачи «git clone», примененной к суперпроекту, в котором файл .gitmodules имеет поле URL, начинающееся с символа «-». Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

ООО «РусБИТех-Астра», Linus Torvalds, Junio Hamano

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Git

Software Version

1.6 «Смоленск» (Astra Linux Special Edition), до 2.14.5 (Git), 2.15.0 до 2.15.3 (Git), 2.16.0 до 2.16.5 (Git), 2.17.0 до 2.17.2 (Git), 2.18.0 до 2.18.1 (Git), 2.19.0 до 2.19.1 (Git)

Possible Mitigations

Для Git: Обновление программного обеспечения до 2.19.1 или более поздней версии Для Astra Linux: Обновление программного обеспечения (пакета git) до 1:2.1.4-2.1+deb8u7 или более поздней версии

Reference

https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com https://nvd.nist.gov/vuln/detail/CVE-2018-17456 https://security-tracker.debian.org/tracker/CVE-2018-17456 https://www.exploit-db.com/exploits/45548 https://www.exploit-db.com/exploits/45631

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Linus Torvalds, Junio Hamano",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), \u0434\u043e 2.14.5 (Git), 2.15.0 \u0434\u043e 2.15.3 (Git), 2.16.0 \u0434\u043e 2.16.5 (Git), 2.17.0 \u0434\u043e 2.17.2 (Git), 2.18.0 \u0434\u043e 2.18.1 (Git), 2.19.0 \u0434\u043e 2.19.1 (Git)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Git:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 2.19.1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 git) \u0434\u043e 1:2.1.4-2.1+deb8u7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.10.2018",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.02.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-00423",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-17456",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Git",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430 \u00abgit clone\u00bb \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 Git, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430 \u00abgit clone\u00bb \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 Git \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0432\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0438 \u00abgit clone\u00bb, \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u043e\u0439 \u043a \u0441\u0443\u043f\u0435\u0440\u043f\u0440\u043e\u0435\u043a\u0442\u0443, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0444\u0430\u0439\u043b .gitmodules \u0438\u043c\u0435\u0435\u0442 \u043f\u043e\u043b\u0435 URL, \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0449\u0435\u0435\u0441\u044f \u0441 \u0441\u0438\u043c\u0432\u043e\u043b\u0430 \u00ab-\u00bb. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-17456\nhttps://security-tracker.debian.org/tracker/CVE-2018-17456\nhttps://www.exploit-db.com/exploits/45548\nhttps://www.exploit-db.com/exploits/45631",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CNVD-2018-20877

Vulnerability from cnvd - Published: 2018-10-15

Title

Git Submodule任意代码执行漏洞

Description

Git是一个开源的分布式版本控制系统 Git Submodule处理'-'字符存在安全漏洞，允许远程攻击者利用漏洞提交特殊的请求，可执行任意代码。

Severity

高

Patch Name

Git Submodule任意代码执行漏洞的补丁

Patch Description

Git是一个开源的分布式版本控制系统 Git Submodule处理'-'字符存在安全漏洞，允许远程攻击者利用漏洞提交特殊的请求，可执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404

Reference

https://marc.info/?l=git&m=153875888916397&w=2 https://www.exploit-db.com/exploits/45548/

Impacted products

Name
['GIT GIT < 2.14.5', 'GIT GIT < 2.15.3', 'GIT GIT < 2.16.5', 'GIT GIT < 2.17.2', 'GIT GIT < 2.18.1', 'GIT GIT < 2.19.1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "105523"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-17456"
    }
  },
  "description": "Git\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u5206\u5e03\u5f0f\u7248\u672c\u63a7\u5236\u7cfb\u7edf\r\n\r\nGit Submodule\u5904\u7406\u0027-\u0027\u5b57\u7b26\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "joernchen and Jeff King",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-20877",
  "openTime": "2018-10-15",
  "patchDescription": "Git\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u5206\u5e03\u5f0f\u7248\u672c\u63a7\u5236\u7cfb\u7edf\r\n\r\nGit Submodule\u5904\u7406\u0027-\u0027\u5b57\u7b26\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Git Submodule\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "GIT GIT \u003c 2.14.5",
      "GIT GIT \u003c 2.15.3",
      "GIT GIT \u003c 2.16.5",
      "GIT GIT \u003c 2.17.2",
      "GIT GIT \u003c 2.18.1",
      "GIT GIT \u003c 2.19.1"
    ]
  },
  "referenceLink": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2\r\nhttps://www.exploit-db.com/exploits/45548/",
  "serverity": "\u9ad8",
  "submitTime": "2018-10-09",
  "title": "Git Submodule\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GSD-2018-17456

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-17456

Aliases

CVE-2018-17456

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-17456",
    "description": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a \u0027-\u0027 character.",
    "id": "GSD-2018-17456",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-17456.html",
      "https://www.debian.org/security/2018/dsa-4311",
      "https://access.redhat.com/errata/RHSA-2020:0316",
      "https://access.redhat.com/errata/RHSA-2018:3541",
      "https://access.redhat.com/errata/RHSA-2018:3408",
      "https://ubuntu.com/security/CVE-2018-17456",
      "https://advisories.mageia.org/CVE-2018-17456.html",
      "https://security.archlinux.org/CVE-2018-17456",
      "https://alas.aws.amazon.com/cve/html/CVE-2018-17456.html",
      "https://linux.oracle.com/cve/CVE-2018-17456.html",
      "https://packetstormsecurity.com/files/cve/CVE-2018-17456"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-17456"
      ],
      "details": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a \u0027-\u0027 character.",
      "id": "GSD-2018-17456",
      "modified": "2023-12-13T01:22:30.958011Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-17456",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a \u0027-\u0027 character."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "45631",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/45631/"
          },
          {
            "name": "105523",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105523"
          },
          {
            "name": "1041811",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041811"
          },
          {
            "name": "DSA-4311",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2018/dsa-4311"
          },
          {
            "name": "RHSA-2018:3505",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:3505"
          },
          {
            "name": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404",
            "refsource": "MISC",
            "url": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404"
          },
          {
            "name": "45548",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/45548/"
          },
          {
            "name": "RHSA-2018:3541",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:3541"
          },
          {
            "name": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46",
            "refsource": "MISC",
            "url": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46"
          },
          {
            "name": "RHSA-2018:3408",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:3408"
          },
          {
            "name": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2",
            "refsource": "MISC",
            "url": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2"
          },
          {
            "name": "https://www.openwall.com/lists/oss-security/2018/10/06/3",
            "refsource": "MISC",
            "url": "https://www.openwall.com/lists/oss-security/2018/10/06/3"
          },
          {
            "name": "USN-3791-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/3791-1/"
          },
          {
            "name": "20190320 March 2019 Sourcetree Advisory - Multiple Remote Code Execution Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/Mar/30"
          },
          {
            "name": "107511",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/107511"
          },
          {
            "name": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html"
          },
          {
            "name": "RHSA-2020:0316",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0316"
          },
          {
            "name": "openSUSE-SU-2020:0598",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.14.5",
                "versionStartIncluding": "2.14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.19.1",
                "versionStartIncluding": "2.19.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.18.1",
                "versionStartIncluding": "2.18.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.17.2",
                "versionStartIncluding": "2.17.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.16.5",
                "versionStartIncluding": "2.16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.15.3",
                "versionStartIncluding": "2.15.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17456"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a \u0027-\u0027 character."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-88"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.openwall.com/lists/oss-security/2018/10/06/3",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2018/10/06/3"
            },
            {
              "name": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2"
            },
            {
              "name": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46"
            },
            {
              "name": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404"
            },
            {
              "name": "DSA-4311",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4311"
            },
            {
              "name": "45548",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/45548/"
            },
            {
              "name": "1041811",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041811"
            },
            {
              "name": "105523",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105523"
            },
            {
              "name": "USN-3791-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://usn.ubuntu.com/3791-1/"
            },
            {
              "name": "45631",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/45631/"
            },
            {
              "name": "RHSA-2018:3408",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:3408"
            },
            {
              "name": "RHSA-2018:3505",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:3505"
            },
            {
              "name": "RHSA-2018:3541",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:3541"
            },
            {
              "name": "20190320 March 2019 Sourcetree Advisory - Multiple Remote Code Execution Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://seclists.org/bugtraq/2019/Mar/30"
            },
            {
              "name": "107511",
              "refsource": "BID",
              "tags": [
                "VDB Entry",
                "Third Party Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/107511"
            },
            {
              "name": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html"
            },
            {
              "name": "RHSA-2020:0316",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2020:0316"
            },
            {
              "name": "openSUSE-SU-2020:0598",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-08-24T17:37Z",
      "publishedDate": "2018-10-06T14:29Z"
    }
  }
}

FKIE_CVE-2018-17456

Vulnerability from fkie_nvd - Published: 2018-10-06 14:29 - Updated: 2024-11-21 03:54

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
cve@mitre.org	http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/105523	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/107511	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1041811	Third Party Advisory, VDB Entry
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:3408	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:3505	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:3541	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2020:0316
cve@mitre.org	https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404	Patch, Third Party Advisory
cve@mitre.org	https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46	Patch, Third Party Advisory
cve@mitre.org	https://marc.info/?l=git&m=153875888916397&w=2	Third Party Advisory
cve@mitre.org	https://seclists.org/bugtraq/2019/Mar/30	Mailing List, Third Party Advisory
cve@mitre.org	https://usn.ubuntu.com/3791-1/	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2018/dsa-4311	Third Party Advisory
cve@mitre.org	https://www.exploit-db.com/exploits/45548/	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://www.exploit-db.com/exploits/45631/	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://www.openwall.com/lists/oss-security/2018/10/06/3	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105523	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/107511	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041811	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:3408	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:3505	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:3541	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0316
af854a3a-2127-422b-91ae-364da2661108	https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://marc.info/?l=git&m=153875888916397&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/Mar/30	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3791-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2018/dsa-4311	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45548/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45631/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.openwall.com/lists/oss-security/2018/10/06/3	Mailing List, Third Party Advisory

Impacted products

Vendor	Product	Version
git-scm	git	*
git-scm	git	*
git-scm	git	*
git-scm	git	*
git-scm	git	*
git-scm	git	*
redhat	ansible_tower	3.3
redhat	enterprise_linux	6.0
redhat	enterprise_linux	6.7
redhat	enterprise_linux	7.0
redhat	enterprise_linux	7.3
redhat	enterprise_linux	7.4
redhat	enterprise_linux	7.5
redhat	enterprise_linux	7.6
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	7.6
redhat	enterprise_linux_server_eus	7.6
redhat	enterprise_linux_server_tus	7.6
redhat	enterprise_linux_workstation	7.0
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	18.04
debian	debian_linux	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED8DE6FB-46B5-4C26-BE2F-55B171323C5E",
              "versionEndExcluding": "2.14.5",
              "versionStartIncluding": "2.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58AFD1CE-ADE0-4051-B106-47B441FF267E",
              "versionEndExcluding": "2.15.3",
              "versionStartIncluding": "2.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40076AA1-1157-4A18-AF07-D1162A88B715",
              "versionEndExcluding": "2.16.5",
              "versionStartIncluding": "2.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D51CF0E9-66B6-44BC-97A0-BDEDA2D82F8A",
              "versionEndExcluding": "2.17.2",
              "versionStartIncluding": "2.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "606CCC22-495F-4938-BFA7-30DA28AE0D8B",
              "versionEndExcluding": "2.18.1",
              "versionStartIncluding": "2.18.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96BE1EC-5270-4701-AEFB-7B038E204101",
              "versionEndExcluding": "2.19.1",
              "versionStartIncluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5319543-0143-4E2E-AA77-B7F116C1336C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F6FA12B-504C-4DBF-A32E-0548557AA2ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a \u0027-\u0027 character."
    },
    {
      "lang": "es",
      "value": "Git en versiones anteriores a la 2.14.5, versiones 2.15.x anteriores a la 2.15.3, versiones 2.16.x anteriores a la 2.16.5, versiones 2.17.x anteriores a la 2.17.2, versiones 2.18.x anteriores a la 2.18.1 y versiones 2.19.x anteriores a la 2.19.1 permite la ejecuci\u00f3n remota de c\u00f3digo durante el procesamiento de un \"clon de git\" recursivo de un superproyecto si un archivo .gitmodules tiene un campo URL que comienza por un car\u00e1cter \"-\"."
    }
  ],
  "id": "CVE-2018-17456",
  "lastModified": "2024-11-21T03:54:27.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-06T14:29:00.300",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105523"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107511"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041811"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3408"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3505"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3541"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2020:0316"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Mar/30"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3791-1/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4311"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45548/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45631/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2018/10/06/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107511"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3505"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://marc.info/?l=git\u0026m=153875888916397\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Mar/30"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3791-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45548/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45631/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2018/10/06/3"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2018-ALE-011

Vulnerability from certfr_alerte - Published: 2018-10-08 - Updated: 2018-10-12

Le 5 octobre 2018, le projet Git a publié un correctif de sécurité concernant le client Git. Celui-ci concerne la vulnérabilité CVE-2018-17456 qui permet à un attaquant d'exécuter du code arbitraire à distance.

La cinématique d'exploitation de cette vulnérabilité est la suivante :

L'attaquant crée un fichier ".gitmodules" malveillant dans un projet
Lors de la réplication d'un projet via la commande "git clone --recurse-modules", le client Git analyse le fichier ".gitmodules"
Si le champ "URL" est une chaîne de caractère commençant par un tiret ("-"), le sous-processus "git clone" exécutera la chaîne comme une option

Cela conduit à une exécution de code arbitraire à distance sur la machine d'un utilisateur ayant lancé une simple commande "git clone". La facilité d'exploitation de cette vulnérabilité constitue un risque majeur.

Il est par ailleurs possible d'avoir un comportement non-voulu (chemin brisé) en définissant le champ "PATH" comme une chaîne de caractère commençant par un tiret ("-"). Ce champ ne semble pas être affecté par la vulnérabilité au sens de l'exécution de code mais peut provoquer des dysfonctionnements lors du clonage de projets.

Solution

Le CERT-FR recommande de mettre à jour son client Git sans attendre.

None

Impacted products

Vendor	Product	Description
N/A	N/A	Git de la branche 2.15 jusqu'à 2.15.3 (exclue)
N/A	N/A	Git de la branche 2.18 jusqu'à 2.18.1 (exclue)
N/A	N/A	Git de la branche 2.16 jusqu'à 2.16.5 (exclue)
N/A	N/A	Git de la branche 2.19 jusqu'à 2.19.1 (exclue)
N/A	N/A	Client tierces (Github, Atom...) : voir les sites des développeurs
N/A	N/A	Git branche antérieure à 2.14.5
N/A	N/A	Git de la branche 2.17 jusqu'à 2.17.2 (exclue)

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-17456 (GCVE-0-2018-17456)

GHSA-G986-JP62-5XQ6

CVE-2018-17456

CNVD-2018-20877

GSD-2018-17456

FKIE_CVE-2018-17456

CERTFR-2018-ALE-011

Solution

Tags

Sightings

Nomenclature