Multiple vulnerabilities in Git



Published: 2019-12-12
Risk High
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2019-1354
CVE-2019-1387
CVE-2019-19604
CVE-2019-1353
CVE-2019-1352
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1348
CWE-ID CWE-20
CWE-78
CWE-276
CWE-36
CWE-22
Exploitation vector Network
Public exploit Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe
Git
Client/Desktop applications / Software for system administration

Vendor Git

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU23491

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-1354

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17.0 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14.0 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Input validation error

EUVDB-ID: #VU23488

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-1387

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17.0 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14.0 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) OS Command Injection

EUVDB-ID: #VU23556

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-19604

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to a "git submodule update" operation can run commands found in the ".gitmodules" file of a malicious repository. A remote unauthenticated attacker can execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.20.0 - 2.20.1, 2.21.0, 2.22.0 - 2.22.1, 2.23.0, 2.24.0


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Incorrect default permissions

EUVDB-ID: #VU23555

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-1353

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists to due none of the NTFS protections are active when accessing a working directory on a regular Windows drive. A local user with access to the system can view contents of files and directories or modify them.

Note: This vulnerability occurs when running Git in the Windows Subsystem for Linux (also known as "WSL").

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17.0 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14.0 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Input validation error

EUVDB-ID: #VU23492

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-1352

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.18.0 - 2.18.2, 2.19.0 - 2.19.2, 2.17.0 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14 - 2.14.5


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Input validation error

EUVDB-ID: #VU23494

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-1349

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Input validation error

EUVDB-ID: #VU23493

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-1350

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Absolute Path Traversal

EUVDB-ID: #VU23500

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-1351

CWE-ID: CWE-36 - Absolute Path Traversal

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to the Git for Visual Studio improperly handles virtual drive paths. A remote attacker can clone a file using a specially crafted path and write arbitrary files and directories to certain locations on a vulnerable system.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17.0 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Path traversal

EUVDB-ID: #VU23554

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-1348

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when the export-marks option of git fast-import is exposed also via the in-stream command feature. A remote attacker can send a specially crafted HTTP request and overwrite arbitrary paths on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Git: 2.24.0, 2.23.0, 2.22.0 - 2.22.1, 2.21.0, 2.20.0 - 2.20.1, 2.19.0 - 2.19.2, 2.17.0 - 2.17.2, 2.16.0 - 2.16.5, 2.15.0 - 2.15.3, 2.14.0 - 2.14.5, 2.18.0 - 2.18.1


CPE2.3 External links

http://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###