exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2020-11008

Status Candidate

Overview

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's "store" helper - Git's "cache" helper - the "osxkeychain" helper that ships in Git's "contrib" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.

Related Files

Red Hat Security Advisory 2020-3581-01
Posted Aug 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3581-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11008, CVE-2020-5260
SHA-256 | ad853c6d567b09664b902360df96adf9938e41523967c5d88fb4937412a5c0ba
Red Hat Security Advisory 2020-2337-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2337-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11008
SHA-256 | d97960039ea897209f7073d1df3f547cead0b07aa28946f6737a56f52c083fce
Apple Security Advisory 2020-05-20-1
Posted May 21, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-05-20-1 - Xcode 11.5 is now available and addresses an issue where a crafted git URL that contains a newline in it may cause credential information to be provided for the wrong host.

tags | advisory
systems | apple
advisories | CVE-2020-11008
SHA-256 | e35976b46ec8572069af8ecfa516e7c0af3685276f36b89073c48c53fa832ce2
Red Hat Security Advisory 2020-1980-01
Posted Apr 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1980-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11008
SHA-256 | f997f3db805b41647e8300d77c779f09a1ed4a5682bc22d0d927bc0d663e04be
Red Hat Security Advisory 2020-1978-01
Posted Apr 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1978-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11008
SHA-256 | 4d12e556ab625b02bca8175e46f89edab728e8484f1f134f73ea7d7442156f8b
Red Hat Security Advisory 2020-1979-01
Posted Apr 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1979-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11008
SHA-256 | e297bc137bfd027f2e054ef8248f934edaec21aed26e93e552847c0f41ff828b
Red Hat Security Advisory 2020-1975-01
Posted Apr 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1975-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11008
SHA-256 | 0f20422983708ce44eee35ef01859ba678f72ca2959518580183516a5968a6aa
Debian Security Advisory 4659-1
Posted Apr 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4659-1 - Carlo Arenas discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in use and host being contacted.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2020-11008
SHA-256 | 7e41c7d75ba37564259d8c8c2e4ce63562940212e515560618f5a128975ae46e
Gentoo Linux Security Advisory 202004-13
Posted Apr 23, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-13 - Multiple vulnerabilities have been found in Git which might all allow attackers to access sensitive information. Versions less than 2.26.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11008, CVE-2020-5260
SHA-256 | 862a28af41503547a97dcc01c1875ab49c70676db9948955cb81cca3132e5fb9
Ubuntu Security Notice USN-4334-1
Posted Apr 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4334-1 - Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-11008
SHA-256 | 820190f1fd2e16e5268a49e7f0499598d94db513cb8eb95a3b7797b7f8419fb0
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close