Vulnerability-Lookup

CVE-2023-29011 (GCVE-0-2023-29011)

Vulnerability from cvelistv5 – Published: 2023-04-25 20:40 – Updated: 2025-02-03 18:07

Title

Git for Windows's config file of `connect.exe` is susceptible to malicious placing

Summary

Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`'s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\etc\connectrc`. Since `C:\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `<drive>:\etc\connectrc` files on multi-user machines.

Severity ?

7.6 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	git-for-windows	git	Affected: < 2.40.1

CERTFR-2023-AVI-0465

Vulnerability from certfr_avis - Published: 2023-06-14 - Updated: 2023-06-14

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une usurpation d'identité, une atteinte à la confidentialité des données, un déni de service, une exécution de code à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 13
Microsoft	N/A	NuGet 6.4.1
Microsoft	N/A	Microsoft Power Apps
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.0
Microsoft	N/A	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.2
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.5
Microsoft	N/A	Dynamics 365 pour Finance and Operations
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.6
Microsoft	N/A	NuGet 6.2.3
Microsoft	N/A	YARP 2.0
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 23
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft	N/A	NuGet 6.5.0
Microsoft	N/A	Visual Studio Code
Microsoft	N/A	Microsoft Visual Studio 2013 Update 5
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour systèmes 32 bits
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour 64 bits Systems
Microsoft	N/A	NuGet 6.6.0
Microsoft	N/A	NuGet 6.3.2
Microsoft	N/A	Microsoft Visual Studio 2015 Update 3
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.4
Microsoft	N/A	NuGet 6.0.4
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 12
Microsoft	N/A	Sysinternals Suite

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 13 juin 2023	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2023-24895 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-28310 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-32029 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-29331 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-29011 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-27911 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33131 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-29353 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24896 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-32032 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33135 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-29012 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33139 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-27910 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24897 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-29337 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33146 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-25815 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33128 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33126 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-32024 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33141 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-29007 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-25652 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-27909 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33144 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-33133 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24936 du 13 juin 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-32031 du 13 juin 2023	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "NuGet 6.4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Power Apps",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Dynamics 365 pour Finance and Operations",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "NuGet 6.2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "YARP 2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "NuGet 6.5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2013 Update 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "NuGet 6.6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "NuGet 6.3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2015 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "NuGet 6.0.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Sysinternals Suite",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-24895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24895"
    },
    {
      "name": "CVE-2023-27910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27910"
    },
    {
      "name": "CVE-2023-33144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33144"
    },
    {
      "name": "CVE-2023-33135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33135"
    },
    {
      "name": "CVE-2023-25815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25815"
    },
    {
      "name": "CVE-2023-33131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33131"
    },
    {
      "name": "CVE-2023-24897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24897"
    },
    {
      "name": "CVE-2023-24936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24936"
    },
    {
      "name": "CVE-2023-29011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29011"
    },
    {
      "name": "CVE-2023-29012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29012"
    },
    {
      "name": "CVE-2023-29007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29007"
    },
    {
      "name": "CVE-2023-33128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33128"
    },
    {
      "name": "CVE-2023-33141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33141"
    },
    {
      "name": "CVE-2023-32031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32031"
    },
    {
      "name": "CVE-2023-29337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29337"
    },
    {
      "name": "CVE-2023-33133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33133"
    },
    {
      "name": "CVE-2023-27911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27911"
    },
    {
      "name": "CVE-2023-33146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33146"
    },
    {
      "name": "CVE-2023-32032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32032"
    },
    {
      "name": "CVE-2023-27909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27909"
    },
    {
      "name": "CVE-2023-33139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33139"
    },
    {
      "name": "CVE-2023-29331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29331"
    },
    {
      "name": "CVE-2023-25652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25652"
    },
    {
      "name": "CVE-2023-29353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29353"
    },
    {
      "name": "CVE-2023-28310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28310"
    },
    {
      "name": "CVE-2023-32029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32029"
    },
    {
      "name": "CVE-2023-24896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24896"
    },
    {
      "name": "CVE-2023-32024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32024"
    },
    {
      "name": "CVE-2023-33126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33126"
    }
  ],
  "initial_release_date": "2023-06-14T00:00:00",
  "last_revision_date": "2023-06-14T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24895 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-28310 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28310"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-32029 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32029"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-29331 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-29011 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29011"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-27911 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27911"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33131 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-29353 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29353"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24896 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24896"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-32032 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33135 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-29012 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33139 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-27910 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27910"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24897 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-29337 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33146 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33146"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-25815 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-25815"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33128 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33126 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-32024 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32024"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33141 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33141"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-29007 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29007"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-25652 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-25652"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-27909 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27909"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33144 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-33133 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33133"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24936 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-32031 du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32031"
    }
  ],
  "reference": "CERTFR-2023-AVI-0465",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une usurpation d\u0027identit\u00e9, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, un d\u00e9ni de service, une ex\u00e9cution de code \u00e0\ndistance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 13 juin 2023",
      "url": "https://msrc.microsoft.com/update-guide/"
    }
  ]
}

GSD-2023-29011

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-29011

Aliases

CVE-2023-29011

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-29011",
    "id": "GSD-2023-29011"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-29011"
      ],
      "details": "Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`\u0027s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\\etc\\connectrc`. Since `C:\\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `\u003cdrive\u003e:\\etc\\connectrc` files on multi-user machines.",
      "id": "GSD-2023-29011",
      "modified": "2023-12-13T01:20:57.016023Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2023-29011",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "git",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c 2.40.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "git-for-windows"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`\u0027s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\\etc\\connectrc`. Since `C:\\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `\u003cdrive\u003e:\\etc\\connectrc` files on multi-user machines."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-427",
                "lang": "eng",
                "value": "CWE-427: Uncontrolled Search Path Element"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm",
            "refsource": "MISC",
            "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm"
          },
          {
            "name": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1",
            "refsource": "MISC",
            "url": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-g4fv-xjqw-q7jm",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:git_for_windows_project:git_for_windows:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.40.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2023-29011"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`\u0027s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\\etc\\connectrc`. Since `C:\\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `\u003cdrive\u003e:\\etc\\connectrc` files on multi-user machines."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-427"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1",
              "refsource": "MISC",
              "tags": [
                "Release Notes"
              ],
              "url": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1"
            },
            {
              "name": "https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-05-04T21:18Z",
      "publishedDate": "2023-04-25T21:15Z"
    }
  }
}

CVE-2023-29011

Vulnerability from fstec - Published: 25.04.2023

Title

Уязвимость исполняемого файла connect.exe распределенной системы контроля версий Git для Windows, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость исполняемого файла connect.exe распределенной системы контроля версий Git для Windows связана с неконтролируемым элементом пути поиска. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код

Severity ?


                    
                      AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor

Microsoft Corp, Linus Torvalds, Junio Hamano

Software Name

Microsoft Visual Studio 2022, Git, Microsoft Visual Studio 2017, Microsoft Visual Studio 2019

Software Version

17.0 (Microsoft Visual Studio 2022), 17.2 (Microsoft Visual Studio 2022), 17.4 (Microsoft Visual Studio 2022), 17.6 (Microsoft Visual Studio 2022), до 2.40.1 (Git), от 15.0 до 15.8 включительно (Microsoft Visual Studio 2017), от 16.0 до 16.10 включительно (Microsoft Visual Studio 2019)

Possible Mitigations

Обновление программного обеспечения Git до версии 2.40.1 или выше Использование рекомендаций: Для программных продуктов Microsoft Corp.: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012

Reference

https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012 https://safe-surf.ru/specialists/bulletins-nkcki/695305/

CWE

CWE-427

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO708",
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO708 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.11.30",
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp, Linus Torvalds, Junio Hamano",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "17.0 (Microsoft Visual Studio 2022), 17.2 (Microsoft Visual Studio 2022), 17.4 (Microsoft Visual Studio 2022), 17.6 (Microsoft Visual Studio 2022), \u0434\u043e 2.40.1 (Git), \u043e\u0442 15.0 \u0434\u043e 15.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2017), \u043e\u0442 16.0 \u0434\u043e 16.10 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2019)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Git \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.40.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435 \n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Corp.:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "25.04.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.10.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-06554",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-29011",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Microsoft Visual Studio 2022, Git, Microsoft Visual Studio 2017, Microsoft Visual Studio 2019",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 connect.exe \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 Git \u0434\u043b\u044f Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u044d\u043b\u0435\u043c\u0435\u043d\u0442 \u043f\u0443\u0442\u0438 \u043f\u043e\u0438\u0441\u043a\u0430 (CWE-427)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 connect.exe \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 Git \u0434\u043b\u044f Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u043c \u043f\u0443\u0442\u0438 \u043f\u043e\u0438\u0441\u043a\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012\nhttps://safe-surf.ru/specialists/bulletins-nkcki/695305/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-427",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

FKIE_CVE-2023-29011

Vulnerability from fkie_nvd - Published: 2023-04-25 21:15 - Updated: 2024-11-21 07:56

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1	Release Notes
security-advisories@github.com	https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm	Vendor Advisory

Impacted products

	Vendor	Product	Version
	git_for_windows_project	git_for_windows	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:git_for_windows_project:git_for_windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E740B447-D96A-40C3-AFA9-9B058379E04D",
              "versionEndExcluding": "2.40.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`\u0027s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\\etc\\connectrc`. Since `C:\\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `\u003cdrive\u003e:\\etc\\connectrc` files on multi-user machines."
    }
  ],
  "id": "CVE-2023-29011",
  "lastModified": "2024-11-21T07:56:23.420",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-04-25T21:15:10.480",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-g4fv-xjqw-q7jm"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-29011 (GCVE-0-2023-29011)

CERTFR-2023-AVI-0465

Solution

GSD-2023-29011

CVE-2023-29011

FKIE_CVE-2023-29011

Tags

Sightings

Nomenclature