HTTP: GitHub Git Tree Handling Overwrite Arbitrary Command Execution
This signature attempts to detect a known vulnerability against GitHub. A successful exploit can lead to remote command execution.
Extended Description
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
Affected Products
Libgit2 libgit2
References
CVE: CVE-2014-9390
Short Name
HTTP:STC:GIT-CLIENT-CE
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Arbitrary CVE-2014-9390 Command Execution Git GitHub Handling Overwrite Tree
Release Date
01/21/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3690
False Positive
Occasionally
Vendors
Libgit2
Eclipse
Apple
CVSS Score
7.5