SecurityTracker.com
Category:   Application (Generic)  >   Git
Vendors:   kernel.org
Git Lets Remote Authenticated Users Escape the 'git-shell' and Gain Elevated Privileges
SecurityTracker Alert ID:  1038479
SecurityTracker URL:  http://securitytracker.com/id/1038479
CVE Reference:   CVE-2017-8386
Date:  May 15 2017
Impact:   User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A vulnerability was reported in Git. A remote authenticated user can gain elevated privileges.

A remote authenticated user can supply a specially crafted repository name to break out of the restricted git-shell and gain elevated privileges on the target system.

A repository name that starts with a dash can trigger this flaw.

Servers configured to use git-shell as a login shell are affected.

The original advisory is available at:

https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/

Timo Schmid reported this vulnerability.

Impact:   A remote authenticated user can gain elevated privileges on the target system.
Solution:   The vendor has issued a fix (2.4.12, 2.5.6, 2.6.7, 2.7.5, 2.8.5, 2.9.4, 2.10.3, 2.11.2, 2.12.3).

The source code fix is available at:

https://kernel.googlesource.com/pub/scm/git/git/+/3ec804490a265f4c418a321428c12f3f18b7eff5

The vendor advisory is available at:

http://public-inbox.org/git/xmqq8tm5ziat.fsf@gitster.mtv.corp.google.com/

Vendor URL:  public-inbox.org/git/xmqq8tm5ziat.fsf@gitster.mtv.corp.google.com/
Cause:   Input validation error
Underlying OS:  Linux (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
May 15 2017 (Ubuntu Issues Fix) Git Lets Remote Authenticated Users Escape the 'git-shell' and Gain Elevated Privileges
Ubuntu has issued a fix for Ubuntu Linux 14.04 LTS, 16.04 LTS, 16.10, and 17.04.
Aug 1 2017 (Red Hat Issues Fix) Git Lets Remote Authenticated Users Escape the 'git-shell' and Gain Elevated Privileges
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Aug 21 2017 (Red Hat Issues Fix) Git Lets Remote Authenticated Users Escape the 'git-shell' and Gain Elevated Privileges
Red Hat has issued a fix for rh-git29-git for Red Hat Enterprise Linux 6 and 7.
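
Added example (not part of the original advisory or of Git): a host triage check that combines the two conditions above, a Git release older than the listed fix for its series and at least one account whose login shell is git-shell. The function names and the sample passwd text are constructed for illustration, and treating series newer than 2.12 as fixed is an assumption.

```python
import re

# Fixed releases listed in the advisory, keyed by (major, minor) series.
FIXED = {(2, 4): 12, (2, 5): 6, (2, 6): 7, (2, 7): 5, (2, 8): 5,
         (2, 9): 4, (2, 10): 3, (2, 11): 2, (2, 12): 3}

# Constructed sample input, not taken from any real host.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
git:x:998:998:Git hosting:/srv/git:/usr/bin/git-shell
deploy:x:1001:1001::/home/deploy:/usr/local/bin/git-shell
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""

def classify_version(version_output):
    """Return 'fixed', 'vulnerable' or 'unknown' for `git --version` output."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_output)
    if not m:
        return "unknown"
    major, minor, patch = map(int, m.groups())
    series = (major, minor)
    if series in FIXED:
        return "fixed" if patch >= FIXED[series] else "vulnerable"
    if series > max(FIXED):
        return "fixed"  # assumption: series after 2.12 carry the fix
    return "unknown"    # older series: the advisory lists no fixed release

def git_shell_accounts(passwd_text):
    """Return user names whose login shell (7th passwd field) is git-shell."""
    accounts = []
    for line in passwd_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 7 and fields[6].rsplit("/", 1)[-1] == "git-shell":
            accounts.append(fields[0])
    return accounts

def assess(version_output, passwd_text):
    """Combine both checks; anything not known to be fixed needs review."""
    accounts = git_shell_accounts(passwd_text)
    status = classify_version(version_output)
    return {"git": status, "git_shell_accounts": accounts,
            "needs_review": bool(accounts) and status != "fixed"}

if __name__ == "__main__":
    print(assess("git version 2.11.0", SAMPLE_PASSWD))
```

Distribution packages usually backport fixes without changing the upstream version number, so on Ubuntu and Red Hat hosts a "vulnerable" or "unknown" result should be confirmed against the installed package release.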



Copyright 2019, SecurityGlobal.net LLC