SB2017080120 - Red Hat Enterprise Linux 7 update for git 

Published: August 1, 2017 Updated: April 24, 2025

Security Bulletin ID: SB2017080120
Severity: High
Patch available: YES
Number of vulnerabilities: 3
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 33% Medium 33% Low 33%

Description

This security bulletin contains information about 3 security vulnerabilities.


1) Input validation error (CVE-ID: CVE-2014-9938)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code on the system of a user who builds their shell prompt with git-prompt.sh and works in a repository whose current branch name the attacker controls (for example, a cloned malicious repository).

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution. Bash performs parameter expansion and command substitution on PS1 every time the prompt is drawn (the promptvars option, on by default), so a branch named, for instance, $(some command) is executed as soon as the user's shell displays a prompt inside that repository.
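The following is an added example, not code from the bulletin or from git's git-prompt.sh. It uses eval as a stand-in for bash's prompt expansion to contrast the pre-1.9.3 pattern (the raw branch name pasted into the PS1 text) with the pattern the 1.9.3 fix uses (PS1 references a shell variable, here __git_ps1_branch_name, that holds the name). The malicious branch name and the prompt layout are constructed for the demonstration; the helper that flags suspicious branch names is an assumption, not a git feature.

```shell
# Added example (not from the bulletin or from git): model of how bash expands
# PS1 with a branch name inside it, and why indirecting through a variable is safe.

# Stand-in for bash's prompt expansion: PS1 receives one round of parameter
# expansion and command substitution each time the prompt is drawn.
expand_prompt() {
    eval "printf '%s\n' \"$1\""
}

# Vulnerable pattern (git-prompt.sh before 1.9.3): the raw branch name is
# spliced into the PS1 text, so a $(...) inside it runs when the prompt is drawn.
render_prompt_unsafe() {
    branch=$1
    ps1="user@host (${branch})"
    expand_prompt "$ps1"
}

# Fixed pattern (git 1.9.3): the name is stored in a variable and PS1 only
# references the variable. Expansion yields the name as data; its contents are
# not parsed again, so $(...) or backticks in the branch name stay literal.
render_prompt_safe() {
    __git_ps1_branch_name=$1
    ps1='user@host (${__git_ps1_branch_name})'
    expand_prompt "$ps1"
}

# Assumed helper (not part of git): flag branch names carrying the characters
# that bash would expand in a prompt. Useful when auditing a fetched repository.
has_prompt_metachars() {
    case $1 in
        *\$*|*\`*) return 0 ;;
        *)         return 1 ;;
    esac
}

# Constructed malicious branch name: harmless here, but it could be any command.
MALICIOUS_BRANCH='$(echo INJECTED)'

printf 'unsafe prompt: %s\n' "$(render_prompt_unsafe "$MALICIOUS_BRANCH")"
printf 'safe prompt:   %s\n' "$(render_prompt_safe "$MALICIOUS_BRANCH")"
if has_prompt_metachars "$MALICIOUS_BRANCH"; then
    printf 'branch name %s contains prompt metacharacters\n' "$MALICIOUS_BRANCH"
fi
```

The unsafe rendering prints "user@host (INJECTED)", showing that the command inside the branch name ran; the safe rendering prints the branch name verbatim, "user@host ($(echo INJECTED))".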


2) Privilege escalation (CVE-ID: CVE-2017-8386)

The vulnerability allows a remote authenticated attacker (a user with SSH access whose login shell is git-shell) to gain elevated privileges on the target system.

The weakness exists due to an error when handling command-line options for the restricted set of commands that git-shell permits (git-upload-pack, git-receive-pack and git-upload-archive). git-shell passed the repository argument to the selected command without rejecting names that begin with a - (dash), so the argument is interpreted as an option by that command. A remote attacker can use a repository name that starts with a dash to bypass the git-shell restrictions and gain elevated privileges, that is, to escape the restricted shell.

Successful exploitation of the vulnerability results in access to the system under the account that uses git-shell as its login shell and disclosure of any information that account can read.
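The following is an added example, not code from the bulletin or from git's own shell.c. It is a small sh model of what git-shell does with the SSH command line it receives: allow only the three git commands, strip the single quotes git clients put around the repository path, and (the check the fix for CVE-2017-8386 introduced) refuse an argument that begins with a dash so it can never be read as an option. The model only reports the command it would execute; the command lines and the dash_check switch are constructed for the demonstration.

```shell
# Added example (not from the bulletin or from git): model of git-shell's
# argument handling, with the dash check that closes CVE-2017-8386.

# The only commands git-shell permits when used as a login shell.
gitshell_allowed() {
    case $1 in
        git-upload-pack|git-receive-pack|git-upload-archive) return 0 ;;
        *) return 1 ;;
    esac
}

# Strip the single quotes around the repository path (git clients send e.g.
# git-upload-pack '/srv/repo.git'). Fails if the argument is not one plain
# quoted word; an embedded quote is rejected rather than guessed at.
gitshell_dequote() {
    case $1 in
        \'*\') arg=${1#\'}; arg=${arg%\'} ;;
        *) return 1 ;;
    esac
    case $arg in
        *\'*) return 1 ;;
    esac
    printf '%s\n' "$arg"
}

# Prints the command git-shell would run, or fails with a reason on stderr.
#   $1  dash_check: 1 applies the fix (reject arguments starting with '-'),
#                   0 models the vulnerable behaviour before the fix.
#   $2  the command line as received over SSH.
gitshell_dispatch() {
    dash_check=$1
    cmd=${2%% *}
    rest=${2#* }
    if ! gitshell_allowed "$cmd"; then
        printf 'rejected: unrecognized command %s\n' "$cmd" >&2
        return 1
    fi
    repo=$(gitshell_dequote "$rest") || {
        printf 'rejected: malformed argument\n' >&2
        return 1
    }
    case $repo in
        -*) if [ "$dash_check" = 1 ]; then
                printf 'rejected: argument would be parsed as an option: %s\n' "$repo" >&2
                return 1
            fi ;;
    esac
    printf '%s %s\n' "$cmd" "$repo"
}

# Constructed command lines: a normal fetch, and one whose "repository" is an option.
gitshell_dispatch 1 "git-upload-pack '/srv/repo.git'"
gitshell_dispatch 0 "git-upload-pack '--some-option'"   # vulnerable: passes through
gitshell_dispatch 1 "git-upload-pack '--some-option'"   # fixed: rejected
```

With dash_check set to 0 the option-looking argument reaches git-upload-pack untouched, which is the bypass the bulletin describes; with the check enabled git-shell refuses it before any git command is started.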

3) Credentials management (CVE-ID: CVE-2011-2192)

The vulnerability allows a remote non-authenticated attacker who operates, or has compromised, a server that the client authenticates to with GSSAPI (Negotiate/Kerberos) to obtain the client's delegated credentials and use them to impersonate the client to other services.

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. Because delegation is unconditional, every server that completes a Negotiate handshake receives a forwardable copy of the client's credentials, not just the servers the site policy trusts. curl 7.21.7 stopped delegating, and curl 7.22.0 added CURLOPT_GSSAPI_DELEGATION (the --delegation command-line option) so that delegation is off unless explicitly enabled; applications that need delegation should request it only for specific, trusted hosts.


Remediation

Install the updated packages from the vendor; on Red Hat Enterprise Linux 7 this is normally done with yum update git (and yum update curl libcurl for the libcurl issue). Red Hat backports fixes without changing the upstream version number, so verify the fix by checking the package changelog for the CVE IDs rather than by comparing version strings.
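The following is an added example, not part of the bulletin or of any Red Hat tooling. It checks that a package's changelog mentions every CVE in a list, which on a RHEL 7 host would be fed from rpm -q --changelog; because Red Hat backports fixes, this is more reliable than comparing version numbers. The changelog excerpt embedded below is constructed for offline demonstration (its dates, versions and wording are illustrative, not copied from a real package).

```shell
# Added example (not from the bulletin or from Red Hat): verify backported fixes
# by looking for CVE IDs in the package changelog instead of version numbers.
# On a real host:
#   rpm -q --changelog git     | cves_fixed CVE-2014-9938 CVE-2017-8386
#   rpm -q --changelog libcurl | cves_fixed CVE-2011-2192

# Reads changelog text on stdin. Prints "missing: <CVE>" for each CVE from the
# argument list that does not appear, and returns 1 if any is missing, 0 if all
# are present.
cves_fixed() {
    changelog=$(cat)
    missing=0
    for cve in "$@"; do
        if ! printf '%s\n' "$changelog" | grep -q -F -- "$cve"; then
            printf 'missing: %s\n' "$cve"
            missing=1
        fi
    done
    return $missing
}

# Constructed changelog excerpt in rpm's changelog format (illustrative only).
SAMPLE_CHANGELOG='* Wed May 10 2017 Example Maintainer <maint@example.com> - 1.8.3.1-11
- git-shell: reject repository names beginning with a dash (CVE-2017-8386)

* Tue Jun 07 2016 Example Maintainer <maint@example.com> - 1.8.3.1-6
- git-prompt.sh: do not put unsanitized branch names in PS1 (CVE-2014-9938)'

# Both git CVEs are present in the sample; the libcurl CVE belongs to a
# different package and is reported as missing here.
printf '%s\n' "$SAMPLE_CHANGELOG" | cves_fixed CVE-2014-9938 CVE-2017-8386 \
    && echo "git: all listed CVEs fixed"
printf '%s\n' "$SAMPLE_CHANGELOG" | cves_fixed CVE-2011-2192 \
    || echo "libcurl CVE not in the git changelog: check the libcurl package"
```

Run the two rpm invocations from the comment on each host; a non-zero exit status from cves_fixed means at least one listed CVE is not accounted for in the installed package.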