Vulnerability CVE-2017-1000116

Vulnerability Name:

CVE-2017-1000116 (CCN-133105)

Assigned:

2017-08-10

Published:

2017-08-10

Updated:

2019-10-03

Summary:

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
5.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-78
CWE-20

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2017-1000116

Source: DEBIAN
Type: Third Party Advisory
DSA-3963

Source: CCN
Type: IBM Security Bulletin 716653 (Cloud Private)
Multiple Security Vulnerabilities affect IBM Cloud Private

Source: BID
Type: Third Party Advisory, VDB Entry
100290

Source: CCN
Type: BID-100290
Mercurial Remote Command Injection and Symlink Directory Traversal Vulnerabilities

Source: REDHAT
Type: Third Party Advisory
RHSA-2017:2489

Source: XF
Type: UNKNOWN
mercurial-cve20171000116-cmd-exec(133105)

Source: GENTOO
Type: Patch, Third Party Advisory, VDB Entry
GLSA-201709-18

Source: CCN
Type: Mercurial Web site
Mercurial 4.3 / 4.3.1

Source: CONFIRM
Type: Release Notes, Vendor Advisory
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29

Vulnerable Configuration:

Configuration 1:

cpe:/a:mercurial:mercurial:*:*:*:*:*:*:*:* (Version < 4.3)

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mercurial:mercurial:4.2.3:*:*:*:*:*:*:*

AND

cpe:/a:ibm:cloud_private:2.1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20171000116	V	CVE-2017-1000116	2023-06-22
oval:org.opensuse.security:def:7718	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3124	P	libFLAC++6-1.3.0-11.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94754	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1305	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3) (Important)	2022-04-14
oval:org.opensuse.security:def:853	P	Security update for xz (Important)	2022-04-12
oval:org.opensuse.security:def:112980	P	mercurial-5.9.1-2.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10441	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10428	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10440	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:952	P	Security update for python39-pip (Moderate)	2022-01-12
oval:org.opensuse.security:def:10196	P	Security update for net-snmp (Important)	2021-12-27
oval:org.opensuse.security:def:10432	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:10377	P	Security update for xen (Moderate)	2021-12-09
oval:org.opensuse.security:def:10352	P	Security update for containerd, docker, runc (Important)	2021-10-25
oval:org.opensuse.security:def:64594	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:106427	P	mercurial-5.9.1-2.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:71381	P	python3-pycrypto-2.6.1-1.28 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71268	P	libjbig-devel-2.1-1.31 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:10150	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:10128	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:47474	P	ppc64-diag-2.7.3-1.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47473	P	powerpc-utils-1.3.3-5.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48289	P	python-urllib3-1.22-3.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48075	P	libXext6-1.3.2-4.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47927	P	xorg-x11-libs-7.6-45.14 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47835	P	openssh-7.2p2-74.25.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47703	P	libevent-2_0-5-2.0.21-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47510	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47389	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47375	P	libmms0-0.6.2-15.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48174	P	libpng16-16-1.6.8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48026	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47374	P	libmicrohttpd10-0.9.30-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47934	P	zoo-2.10-1020.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47802	P	libvdpau1-1.1.1-6.73 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47609	P	fontconfig-2.11.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47488	P	quagga-0.99.22.1-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:68028	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP1) (Important)	2021-07-27
oval:org.opensuse.security:def:1773	P	Security update for MozillaThunderbird (Important)	2021-07-22
oval:org.opensuse.security:def:10689	P	Security update for bluez (Moderate)	2021-07-22
oval:org.opensuse.security:def:10120	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:11101	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:1473	P	Security update for gupnp (Important)	2021-06-24
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:17197	P	libpolkit0-32bit-0.113-5.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11413	P	libvte9-0.28.2-17.83 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17271	P	libplist++3-1.12-20.3.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17166	P	gegl-0_2-0.2.0-14.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17109	P	icu-52.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17024	P	libreoffice-4.3.1.2-3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48602	P	ppp-2.4.7-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48531	P	libotr5-4.0.0-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48500	P	libgypsy0-0.9-6.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48435	P	gpgme-1.5.1-1.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:72581	P	mercurial-4.5.2-1.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17279	P	libstaroffice-0_0-0-0.0.5-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48373	P	augeas-1.2.0-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48701	P	pidgin-otr-4.0.0-6.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48630	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16615	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48599	P	perl-XML-LibXML-2.0019-5.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48534	P	libpng12-0-1.2.50-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11391	P	libproxy1-0.4.11-11.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:62862	P	mercurial-4.5.2-1.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48472	P	libXrender1-0.9.8-3.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48388	P	cpio-2.11-29.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124621	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17233	P	gcc48-gij-32bit-4.8.5-31.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10258	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:64681	P	Security update for p7zip (Moderate)	2021-05-04
oval:org.opensuse.security:def:10243	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:10419	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:10664	P	Security update for the Linux Kernel (Important)	2021-02-09
oval:org.opensuse.security:def:10589	P	Security update for gimp (Important)	2020-12-28
oval:org.opensuse.security:def:16990	P	yodl-3.03.0-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17313	P	empathy-3.12.14-8.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4091	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16982	P	wireshark-devel-2.4.16-48.51.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16927	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17375	P	libyaml-cpp0_5-0.5.3-3.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17343	P	libgstfft-1_0-0-32bit-1.8.3-13.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17721	P	Security update for lhasa (Moderate)	2020-12-01
oval:org.opensuse.security:def:27496	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49692	P	librsvg-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27447	P	libgcrypt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28231	P	Security update for libtirpc (Moderate)	2020-12-01
oval:org.opensuse.security:def:27394	P	evince-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27243	P	mozilla-xulrunner192 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49914	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27159	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27102	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17664	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:18393	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:27021	P	pyxml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17632	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:26893	P	fetchmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17522	P	Security update for file (Moderate)	2020-12-01
oval:org.opensuse.security:def:26829	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17486	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:18130	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:17455	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:49860	P	perl-YAML-LibYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17398	P	Security update for postgresql96 (Low)	2020-12-01
oval:org.opensuse.security:def:11079	P	libtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10753	P	libksba-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10740	P	libgssglue-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26818	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10731	P	libexpat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28266	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:18419	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:17466	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:17444	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:10570	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17432	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:10555	P	libtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10508	P	libipa_hbac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10462	P	libHX-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27593	P	Security update for python-azure-agent (Moderate)	2020-12-01
oval:org.opensuse.security:def:27549	P	qemu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49746	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27535	P	perl-base-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67928	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26817	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18104	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:17755	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:17733	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:com.ubuntu.xenial:def:201710001160000000	V	CVE-2017-1000116 on Ubuntu 16.04 LTS (xenial) - medium.	2017-10-05
oval:com.ubuntu.cosmic:def:201710001160000000	V	CVE-2017-1000116 on Ubuntu 18.10 (cosmic) - medium.	2017-10-04
oval:com.ubuntu.trusty:def:20171000116000	V	CVE-2017-1000116 on Ubuntu 14.04 LTS (trusty) - medium.	2017-10-04
oval:com.ubuntu.bionic:def:201710001160000000	V	CVE-2017-1000116 on Ubuntu 18.04 LTS (bionic) - medium.	2017-10-04
oval:com.ubuntu.artful:def:20171000116000	V	CVE-2017-1000116 on Ubuntu 17.10 (artful) - medium.	2017-10-04
oval:com.ubuntu.xenial:def:20171000116000	V	CVE-2017-1000116 on Ubuntu 16.04 LTS (xenial) - medium.	2017-10-04
oval:com.ubuntu.bionic:def:20171000116000	V	CVE-2017-1000116 on Ubuntu 18.04 LTS (bionic) - medium.	2017-10-04
oval:com.ubuntu.cosmic:def:20171000116000	V	CVE-2017-1000116 on Ubuntu 18.10 (cosmic) - medium.	2017-10-04
oval:com.redhat.rhsa:def:20172489	P	RHSA-2017:2489: mercurial security update (Important)	2017-08-17

BACK