CVE-2018-17456

Published: Oct 6, 2018Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

Affected (24)

Products: Git Scm: Git · Redhat: Ansible Tower, Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Canonical: Ubuntu Linux · +1 more

Show all products

Git Scm: Git · Redhat: Ansible Tower, Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Canonical: Ubuntu Linux · Debian: Debian Linux

1 product

8 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Server Tus

Enterprise Linux Workstation

1 product

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Git Scm Git	From 2.14.0 to 2.14.5
Git Scm Git	From 2.15.0 to 2.15.3
Git Scm Git	From 2.16.0 to 2.16.5
Git Scm Git	From 2.17.0 to 2.17.2
Git Scm Git	From 2.18.0 to 2.18.1
Git Scm Git	From 2.19.0 to 2.19.1

Configuration B

14 vulnerable

Vulnerable Software	Affected Versions
Redhat Ansible Tower	Version 3.3
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 6.7
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 7.3
Redhat Enterprise Linux	Version 7.4
Redhat Enterprise Linux	Version 7.5
Redhat Enterprise Linux	Version 7.6
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Aus	Version 7.6
Redhat Enterprise Linux Server Eus	Version 7.6
Redhat Enterprise Linux Server Tus	Version 7.6
Redhat Enterprise Linux Workstation	Version 7.0

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 9.0

Related CWEs

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

References (36)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html

Source: cve@mitre.org

http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/105523

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/107511

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041811

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:3408

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3505

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3541

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0316

Source: cve@mitre.org

https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46

Source: cve@mitre.org

PatchThird Party Advisory

https://marc.info/?l=git&m=153875888916397&w=2

Source: cve@mitre.org

Third Party Advisory

https://seclists.org/bugtraq/2019/Mar/30

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://usn.ubuntu.com/3791-1/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2018/dsa-4311

Source: cve@mitre.org

Third Party Advisory

https://www.exploit-db.com/exploits/45548/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://www.exploit-db.com/exploits/45631/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://www.openwall.com/lists/oss-security/2018/10/06/3

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html