Lucene search

K
myhack58佚名MYHACK58:62201788524
HistoryAug 11, 2017 - 12:00 a.m.

More mainstream version control system was traced to the presence of the client arbitrary code execution vulnerability-vulnerability warning-the black bar safety net

2017-08-1100:00:00
佚名
www.myhack58.com
67

0.552 Medium

EPSS

Percentile

97.7%

Around the world programmers Please Note, You must now immediately updates your version control system, Git, SVN, Mercurial open-source version control system recently to fix critical security vulnerabilities, the delay in the upgrade, you will be affected by the vulnerability.
More mainstream version control system there is a client arbitrary code execution vulnerability
Three mainstream source version control systems Git, Subversion (svn), and Mercurial, today released the Update Patch fixes a client-side code execution vulnerability.
The vulnerability by GitLab Brian Neel, the Recurity Labs of Joan Schneeweiss and GitHub’s Jeff King to find and report.
Applied to the Linux kernel, GitHub, and Gitlab behind the open-source version control system Git. Today released a more updated version, Git v2. 14. 1, The 2.7.6, v2. 8. 6, v2. 9. 5, v2. 10. 4, v2. 11. 3, v2. 12. 4 and v2. 13. 5, is used to fix the vulnerability.
“This update fixes a number of CVE-2017-1000117 vulnerabilities, with Subversion and Mercurial maintainers coordination, publishing, sharing this similar problem.” Git maintainer Junio Hamano on the mailing list writes.
Exploit
The vulnerability requires a combination of some social engineering skills to better use.
Git in its Bulletin warning:“a malicious attacker can send the victim to send a carefully constructed ssh:// URL link, when the victim visits this URL it will trigger the vulnerability lead to execution of malicious code.” The
The attacker carefully constructs a"ssh://…“URL to send the link to the victim, if the victim visits this URL, it will lead to malicious instructions on the client implementation.
The malicious URL can be placed in the project”. gitmodules"file in the victim to perform the“git clone --recurse-submodules”it will trigger the vulnerability.
Apache Subversion(SVN)1.9.7 patch for CVE-2017-9800 problem, it is with Git, the patched content is similar.
“In the svn:externals and svn:sync-from-url by constructing a malicious svn+ssh URL causes the client to arbitrary code execution”in the SVN updates fix the security issues.
Open source Mercurial version control system in 4. 3 and 4. 2. 3 fixes the vulnerability, the vulnerability number CVE-2017-1000115。
Exploit demo screenshots
! [](/Article/UploadPic/2017-8/201781119250772. png? www. myhack58. com)