1. CVE-Search
  2. CVE-2017-8386
ID CVE-2017-8386
Summary git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
References
Vulnerable Configurations
  • cpe:2.3:a:git:git-shell:-:*:*:*:*:*:*:*
    cpe:2.3:a:git:git-shell:-:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
CVSS
Base: 6.5 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1450407
    title CVE-2017-8386 git: Escape out of git-shell
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment emacs-git is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004001
          • comment emacs-git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003002
        • AND
          • comment emacs-git-el is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004003
          • comment emacs-git-el is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003004
        • AND
          • comment git is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004005
          • comment git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003006
        • AND
          • comment git-all is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004007
          • comment git-all is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003008
        • AND
          • comment git-bzr is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004009
          • comment git-bzr is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561010
        • AND
          • comment git-cvs is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004011
          • comment git-cvs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003010
        • AND
          • comment git-daemon is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004013
          • comment git-daemon is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003012
        • AND
          • comment git-email is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004015
          • comment git-email is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003014
        • AND
          • comment git-gui is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004017
          • comment git-gui is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003016
        • AND
          • comment git-hg is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004019
          • comment git-hg is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561020
        • AND
          • comment git-p4 is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004021
          • comment git-p4 is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561022
        • AND
          • comment git-svn is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004023
          • comment git-svn is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003018
        • AND
          • comment gitk is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004025
          • comment gitk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003020
        • AND
          • comment gitweb is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004027
          • comment gitweb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003022
        • AND
          • comment perl-Git is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004029
          • comment perl-Git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003024
        • AND
          • comment perl-Git-SVN is earlier than 0:1.8.3.1-11.el7
            oval oval:com.redhat.rhsa:tst:20172004031
          • comment perl-Git-SVN is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561032
    rhsa
    id RHSA-2017:2004
    released 2017-08-01
    severity Moderate
    title RHSA-2017:2004: git security and bug fix update (Moderate)
  • rhsa
    id RHSA-2017:2491
rpms
  • emacs-git-0:1.8.3.1-11.el7
  • emacs-git-el-0:1.8.3.1-11.el7
  • git-0:1.8.3.1-11.el7
  • git-all-0:1.8.3.1-11.el7
  • git-bzr-0:1.8.3.1-11.el7
  • git-cvs-0:1.8.3.1-11.el7
  • git-daemon-0:1.8.3.1-11.el7
  • git-debuginfo-0:1.8.3.1-11.el7
  • git-email-0:1.8.3.1-11.el7
  • git-gui-0:1.8.3.1-11.el7
  • git-hg-0:1.8.3.1-11.el7
  • git-p4-0:1.8.3.1-11.el7
  • git-svn-0:1.8.3.1-11.el7
  • gitk-0:1.8.3.1-11.el7
  • gitweb-0:1.8.3.1-11.el7
  • perl-Git-0:1.8.3.1-11.el7
  • perl-Git-SVN-0:1.8.3.1-11.el7
  • rh-git29-emacs-git-0:2.9.3-3.el6
  • rh-git29-emacs-git-el-0:2.9.3-3.el6
  • rh-git29-git-0:2.9.3-3.el6
  • rh-git29-git-0:2.9.3-3.el7
  • rh-git29-git-all-0:2.9.3-3.el6
  • rh-git29-git-all-0:2.9.3-3.el7
  • rh-git29-git-core-0:2.9.3-3.el6
  • rh-git29-git-core-0:2.9.3-3.el7
  • rh-git29-git-core-doc-0:2.9.3-3.el6
  • rh-git29-git-core-doc-0:2.9.3-3.el7
  • rh-git29-git-cvs-0:2.9.3-3.el6
  • rh-git29-git-cvs-0:2.9.3-3.el7
  • rh-git29-git-daemon-0:2.9.3-3.el6
  • rh-git29-git-daemon-0:2.9.3-3.el7
  • rh-git29-git-debuginfo-0:2.9.3-3.el6
  • rh-git29-git-debuginfo-0:2.9.3-3.el7
  • rh-git29-git-email-0:2.9.3-3.el6
  • rh-git29-git-email-0:2.9.3-3.el7
  • rh-git29-git-gui-0:2.9.3-3.el6
  • rh-git29-git-gui-0:2.9.3-3.el7
  • rh-git29-git-p4-0:2.9.3-3.el6
  • rh-git29-git-p4-0:2.9.3-3.el7
  • rh-git29-git-svn-0:2.9.3-3.el6
  • rh-git29-git-svn-0:2.9.3-3.el7
  • rh-git29-gitk-0:2.9.3-3.el6
  • rh-git29-gitk-0:2.9.3-3.el7
  • rh-git29-gitweb-0:2.9.3-3.el6
  • rh-git29-gitweb-0:2.9.3-3.el7
  • rh-git29-perl-Git-0:2.9.3-3.el6
  • rh-git29-perl-Git-0:2.9.3-3.el7
  • rh-git29-perl-Git-SVN-0:2.9.3-3.el6
  • rh-git29-perl-Git-SVN-0:2.9.3-3.el7
refmap via4
bid 98409
confirm https://kernel.googlesource.com/pub/scm/git/git/+/3ec804490a265f4c418a321428c12f3f18b7eff5
debian DSA-3848
fedora
  • FEDORA-2017-01a7989fc0
  • FEDORA-2017-7ea0e02914
  • FEDORA-2017-f4319b6dfc
gentoo GLSA-201706-04
misc https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
mlist [git] 20170510 [ANNOUNCE] Git v2.12.3 and others
sectrack 1038479
suse openSUSE-SU-2017:1422
ubuntu USN-3287-1
Last major update 03-10-2019 - 00:03
Published 01-06-2017 - 16:29
Last modified 03-10-2019 - 00:03
Back to Top