CVE-2018-17456

CRITICAL

Malicious Git HTTP Server For CVE-2018-17456

Title source: metasploit

Description

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

Exploits (9)

exploitdb WRITEUP

by joernchen · locallinux

https://www.exploit-db.com/exploits/45631

View Code ZIP pw:eip

exploitdb WRITEUP

by Junio C Hamano · textlocallinux

https://www.exploit-db.com/exploits/45548

View Code ZIP pw:eip

nomisec WORKING POC 5 stars

by AnonymKing · poc

https://github.com/AnonymKing/CVE-2018-17456

View Code ZIP pw:eip

nomisec WORKING POC

by KKkai0315 · poc

https://github.com/KKkai0315/CVE-2018-17456

View Code ZIP pw:eip

nomisec STUB

by jiahuiLeee · poc

https://github.com/jiahuiLeee/test

View Code ZIP pw:eip

nomisec STUB

by 799600966 · poc

https://github.com/799600966/CVE-2018-17456

View Code ZIP pw:eip

nomisec WORKING POC

by matlink · poc

https://github.com/matlink/CVE-2018-17456

View Code ZIP pw:eip

nomisec STUB

by shpik-kr · poc

https://github.com/shpik-kr/CVE-2018-17456

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/git_submodule_url_exec.rb

View Code ZIP pw:eip

References (18)

Core 18

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/45631/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/105523

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1041811

Third Party Advisory vendor-advisory x_refsource_debian

https://www.debian.org/security/2018/dsa-4311

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:3505

Patch, Third Party Advisory x_refsource_misc

https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/45548/

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:3541

Patch, Third Party Advisory x_refsource_misc

https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:3408

Third Party Advisory x_refsource_misc

https://marc.info/?l=git&m=153875888916397&w=2

Mailing List, Third Party Advisory x_refsource_misc

https://www.openwall.com/lists/oss-security/2018/10/06/3

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/3791-1/

Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq

https://seclists.org/bugtraq/2019/Mar/30

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/107511

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2020:0316

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html

Scores

CVSS v3 9.8

EPSS 0.6532

EPSS Percentile 98.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-88

Status published

Products (19)

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

debian/debian_linux 9.0

git-scm/git 2.14.0 - 2.14.5

redhat/ansible_tower 3.3

redhat/enterprise_linux 6.0

redhat/enterprise_linux 6.7

redhat/enterprise_linux 7.0

redhat/enterprise_linux 7.3

... and 9 more

Published Oct 06, 2018

Tracked Since Feb 18, 2026