HTTP: GIT Submodules Remote Code Execution

This signature detects attempts to exploit a known vulnerability against GIT. A successful attack can lead to Remote Code Execution

Extended Description

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

Affected Products

Redhat enterprise_linux

Short Name
HTTP:MISC:GIT-SUBMODULE-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-17456 Code Execution GIT Remote Submodules bid:105523 bid:107511
Release Date
09/26/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Canonical

Debian

Redhat

Git-scm

CVSS Score

7.5

Found a potential security threat?