Git 'ssh://' URL Processing Flaw Lets Remote Users Execute Arbitrary Commands on the Target System
SecurityTracker Alert ID: 1039131
SecurityTracker URL: http://securitytracker.com/id/1039131
CVE Reference: CVE-2017-1000117
Date: Aug 11 2017
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Description:
A vulnerability was reported in Git. A remote user can execute arbitrary code on the target system.
A remote user (e.g., a malicious repository) can return a specially crafted 'ssh://' URL to execute arbitrary shell commands on the target user's system. The code will run with the privileges of the target user.
The vulnerability can be triggered during 'clone' commands.
The original advisory is available at:
http://blog.recurity-labs.com/2017-08-10/scm-vulns
Joern Schneeweisz of Recurity Labs reported this vulnerability.
Impact:
A remote user can execute arbitrary shell commands on the target system.
Solution:
The vendor has issued a fix (2.14.1).
The vendor advisory is available at:
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.14.1.txt
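As an added defensive example (not part of this SecurityTracker entry or of git's own source), the following Python validator applies the check git 2.14.1 introduced for this CVE: the hostname parsed from an 'ssh://' URL is rejected when it begins with a dash, because ssh would otherwise read that token as a command-line option rather than a host. The user and path checks are a conservative extra assumed by this example, and the function names are hypothetical.

```python
"""Defensive validator for git ssh:// remote URLs (constructed example)."""
from urllib.parse import urlsplit


class UnsafeGitUrl(ValueError):
    """The URL would place an option-like token on the ssh command line."""


def looks_like_command_line_option(token):
    # ssh treats any argument beginning with '-' as an option, so such a
    # "hostname" would never be used as a host at all.
    return token.startswith("-")


def parse_ssh_url(url):
    """Return (user, host, port, path) for an ssh:// URL or raise UnsafeGitUrl.

    The hostname check mirrors the git 2.14.1 fix for CVE-2017-1000117.
    Rejecting option-like user names and paths is an extra, conservative
    choice of this example, not a statement about upstream git.
    """
    parts = urlsplit(url)
    if parts.scheme != "ssh":
        raise ValueError("not an ssh:// URL: %r" % url)
    netloc = parts.netloc
    user = None
    if "@" in netloc:
        user, netloc = netloc.rsplit("@", 1)
    port = None
    if netloc.startswith("["):          # bracketed IPv6 literal, e.g. [::1]:22
        host, _, rest = netloc.partition("]")
        host = host[1:]
        if rest.startswith(":"):
            port = int(rest[1:])
    elif netloc.count(":") == 1:        # host:port
        host, port_text = netloc.split(":")
        port = int(port_text)
    else:
        host = netloc
    if not host:
        raise UnsafeGitUrl("empty hostname in %r" % url)
    checks = (("hostname", host), ("user", user or ""), ("path", parts.path.lstrip("/")))
    for label, token in checks:
        if looks_like_command_line_option(token):
            raise UnsafeGitUrl("strange %s %r blocked" % (label, token))
    return user, host, port, parts.path


def is_safe_ssh_url(url):
    """True only for URLs that parse cleanly and pass every check above."""
    try:
        parse_ssh_url(url)
        return True
    except ValueError:                  # UnsafeGitUrl is a ValueError subclass
        return False
```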
Vendor URL: raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.14.1.txt
Cause:
Input validation error
Underlying OS: Linux (Any)