HTTP: Git SSH URL Processing Command Execution

A command execution vulnerability exists in the Git client. Successful exploitation will enable the attacker to execute arbitrary commands on the target system.

Extended Description

A malicious third party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability.

Affected Products

Git-scm git

Short Name
HTTP:STC:GIT-SSH-URL-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-1000117 Command Execution Git Processing SSH URL
Release Date
08/30/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
Vendors

Git-scm

CVSS Score

6.8
