CVE-2017-12976
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
20/08/2017
Last modified:
20/04/2025
Description
git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:git-annex_project:git-annex:*:*:*:*:*:*:*:* | 6.20170520 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://source.git-annex.branchable.com/?p=source.git%3Ba%3Dblob%3Bf%3Ddoc/bugs/dashed_ssh_hostname_security_hole.mdwn
- http://source.git-annex.branchable.com/?p=source.git%3Ba%3Dcommit%3Bh%3Dc24d0f0e8984576654e2be149005bc884fe0403a
- http://source.git-annex.branchable.com/?p=source.git%3Ba%3Dcommit%3Bh%3Ddf11e54788b254efebb4898b474de11ae8d3b471
- http://www.debian.org/security/2017/dsa-4010
- https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html
- http://source.git-annex.branchable.com/?p=source.git%3Ba%3Dblob%3Bf%3Ddoc/bugs/dashed_ssh_hostname_security_hole.mdwn
- http://source.git-annex.branchable.com/?p=source.git%3Ba%3Dcommit%3Bh%3Dc24d0f0e8984576654e2be149005bc884fe0403a
- http://source.git-annex.branchable.com/?p=source.git%3Ba%3Dcommit%3Bh%3Ddf11e54788b254efebb4898b474de11ae8d3b471
- http://www.debian.org/security/2017/dsa-4010
- https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html