vendor:
Git
by:
Unknown
8.8
CVSS
HIGH
CVE-2017-1000117
94
CWE
Product Name: Git
Affected Version From: Git version 2.7.5 and lower
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2017-1000117
CPE: a:git:git:2.7.5
Metasploit:
https://www.rapid7.com/db/vulnerabilities/suse-cve-2017-17459/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2017-17459/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp2-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp3-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp5-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/alpine-linux-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/oracle-solaris-cve-2017-16228/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2017-16228/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/ubuntu-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/debian-cve-2017-14176/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp2-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp1-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/oracle-solaris-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2017-1000117/, https://www.rapid7.com/db/vulnerabilities/debian-cve-2017-12976/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2017-12976/, https://www.rapid7.com/db/?q=CVE-2017-1000117&type=&page=2, https://www.rapid7.com/db/?q=CVE-2017-1000117&type=&page=2
Platforms Tested: Unix
2017
Malicious Git HTTP Server For CVE-2017-1000117
This module exploits CVE-2017-1000117, which affects Git version 2.7.5 and lower. A submodule of the form 'ssh://' can be passed parameters from the username incorrectly. This can be used to inject commands to the operating system when the submodule is cloned. This module creates a fake git repository which contains a submodule containing the vulnerability. The vulnerability is triggered when the submodules are initialised.
Mitigation:
Upgrade to a version of Git that is not affected by this vulnerability.