CVE-2015-7545

The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule.

CVSS v3.0 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.ubuntu.com/usn/USN-2835-1
http://rhn.redhat.com/errata/RHSA-2015-2515.html
https://github.com/git/git/blob/master/Documentation/RelNotes/2.6.1.txt
http://lists.opensuse.org/opensuse-updates/2015-11/msg00066.html
https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt	Patch Vendor Advisory
https://kernel.googlesource.com/pub/scm/git/git/+/33cfccbbf35a56e190b79bdec5c85457c952a021
https://bugzilla.redhat.com/show_bug.cgi?id=1269794
https://lkml.org/lkml/2015/10/5/683
https://github.com/git/git/blob/master/Documentation/RelNotes/2.3.10.txt	Patch Vendor Advisory
http://www.openwall.com/lists/oss-security/2015/12/08/5
http://www.openwall.com/lists/oss-security/2015/12/11/7
http://www.openwall.com/lists/oss-security/2015/12/09/8
https://github.com/git/git/blob/master/Documentation/RelNotes/2.4.10.txt	Patch Vendor Advisory
https://security.gentoo.org/glsa/201605-01
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/78711
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.533255
http://www.securitytracker.com/id/1034501
http://www.debian.org/security/2016/dsa-3435

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:git_project:git:2.5.1:::::::*
	cpe:2.3:a:git_project:git:2.5.0:::::::*
	cpe:2.3:a:git_project:git:2.4.2:::::::*
	cpe:2.3:a:git_project:git:2.4.1:::::::*
	cpe:2.3:a:git_project:git:2.4.9:::::::*
	cpe:2.3:a:git_project:git:2.4.8:::::::*
	cpe:2.3:a:git_project:git:2.4.0:::::::*
	cpe:2.3:a:git_project:git::::::::
	cpe:2.3:a:git_project:git:2.5.3:::::::*
	cpe:2.3:a:git_project:git:2.5.2:::::::*
	cpe:2.3:a:git_project:git:2.4.4:::::::*
	cpe:2.3:a:git_project:git:2.6.0:::::::*
	cpe:2.3:a:git_project:git:2.4.7:::::::*
	cpe:2.3:a:git_project:git:2.4.5:::::::*
	cpe:2.3:a:git_project:git:2.4.3:::::::*
	cpe:2.3:a:git_project:git:2.4.6:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:a:redhat:software_collections:1.0:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*

Information

Published : 2016-04-13 08:59

Updated : 2018-10-30 09:27

NVD link : CVE-2015-7545

Mitre link : CVE-2015-7545

JSON object : View

CWE

CWE-284

Improper Access Control

CWE-20

Improper Input Validation

Products Affected

canonical

ubuntu_linux

git_project

opensuse

opensuse

redhat

software_collections

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.ubuntu.com/usn/USN-2835-1", "name": "USN-2835-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2515.html", "name": "RHSA-2015:2515", "tags": [], "refsource": "REDHAT"}, {"url": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.6.1.txt", "name": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.6.1.txt", "tags": [], "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00066.html", "name": "openSUSE-SU-2015:1968", "tags": [], "refsource": "SUSE"}, {"url": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt", "name": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://kernel.googlesource.com/pub/scm/git/git/+/33cfccbbf35a56e190b79bdec5c85457c952a021", "name": "https://kernel.googlesource.com/pub/scm/git/git/+/33cfccbbf35a56e190b79bdec5c85457c952a021", "tags": [], "refsource": "CONFIRM"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269794", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1269794", "tags": [], "refsource": "CONFIRM"}, {"url": "https://lkml.org/lkml/2015/10/5/683", "name": "[linux-kernel] 20151005 [ANNOUNCE] Git v2.6.1, v2.5.4, v2.4.10 and v2.3.10", "tags": [], "refsource": "MLIST"}, {"url": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.3.10.txt", "name": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.3.10.txt", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2015/12/08/5", "name": "[oss-security] 20151208 CVE for git issue - please use CVE-2015-7545", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2015/12/11/7", "name": "[oss-security] 20151211 Re: CVE for git issue - please use CVE-2015-7545", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2015/12/09/8", "name": "[oss-security] 20151209 Re: CVE for git issue - please use CVE-2015-7545", "tags": [], "refsource": "MLIST"}, {"url": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.4.10.txt", "name": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.4.10.txt", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://security.gentoo.org/glsa/201605-01", "name": "GLSA-201605-01", "tags": [], "refsource": "GENTOO"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/78711", "name": "78711", "tags": [], "refsource": "BID"}, {"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.533255", "name": "SSA:2016-123-01", "tags": [], "refsource": "SLACKWARE"}, {"url": "http://www.securitytracker.com/id/1034501", "name": "1034501", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.debian.org/security/2016/dsa-3435", "name": "DSA-3435", "tags": [], "refsource": "DEBIAN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-284"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-7545", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2016-04-13T15:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:git_project:git:2.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.3.9"}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:git_project:git:2.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-30T16:27Z"}

9.8 /10