Vulnerability CVE-2017-17458

Vulnerability Name:

CVE-2017-17458 (CCN-136108)

Assigned:

2017-11-03

Published:

2017-11-03

Updated:

2020-07-31

Summary:

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-78

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2017-17458

Source: BID
Type: Third Party Advisory, VDB Entry
102926

Source: CCN
Type: BID-102926
Atlassian SourceTree Multiple Command Injection and Command Execution Vulnerabilities

Source: CCN
Type: Bugzilla Bug 5730
[CRITICAL]Arbitrary command execution in mercurial repo with a git submodule

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bz.mercurial-scm.org/show_bug.cgi?id=5730

Source: CONFIRM
Type: Third Party Advisory
https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2018-01-24-942834324.html

Source: XF
Type: UNKNOWN
mercurial-cve201717458-code-exec(136108)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20171228 [SECURITY] [DLA 1224-1] mercurial security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180705 [SECURITY] [DLA 1414-1] mercurial security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180727 [SECURITY] [DLA 1414-2] mercurial regression update

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20200731 [SECURITY] [DLA 2293-1] mercurial security update

Source: MISC
Type: Vendor Advisory
https://www.mercurial-scm.org/pipermail/mercurial-devel/2017-November/107333.html

Source: CCN
Type: Mercurial Web site
Mercurial 4.4.1 (2017-11-07)

Source: MISC
Type: Vendor Advisory
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.4.1_.282017-11-07.29

Vulnerable Configuration:

Configuration 1:

cpe:/a:mercurial:mercurial:*:*:*:*:*:*:*:* (Version < 4.4.1)

Configuration 2:

cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mercurial:mercurial:4.4:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201717458	V	CVE-2017-17458	2023-06-22
oval:org.opensuse.security:def:7718	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3124	P	libFLAC++6-1.3.0-11.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94754	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1305	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3) (Important)	2022-04-14
oval:org.opensuse.security:def:853	P	Security update for xz (Important)	2022-04-12
oval:org.opensuse.security:def:112980	P	mercurial-5.9.1-2.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10441	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10440	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10428	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:952	P	Security update for python39-pip (Moderate)	2022-01-12
oval:org.opensuse.security:def:10196	P	Security update for net-snmp (Important)	2021-12-27
oval:org.opensuse.security:def:10432	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:10377	P	Security update for xen (Moderate)	2021-12-09
oval:org.opensuse.security:def:10352	P	Security update for containerd, docker, runc (Important)	2021-10-25
oval:org.opensuse.security:def:64594	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:106427	P	mercurial-5.9.1-2.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:71268	P	libjbig-devel-2.1-1.31 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71381	P	python3-pycrypto-2.6.1-1.28 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:10150	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:10128	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:48289	P	python-urllib3-1.22-3.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48075	P	libXext6-1.3.2-4.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47927	P	xorg-x11-libs-7.6-45.14 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47835	P	openssh-7.2p2-74.25.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47703	P	libevent-2_0-5-2.0.21-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47510	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47389	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47375	P	libmms0-0.6.2-15.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48174	P	libpng16-16-1.6.8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48026	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47374	P	libmicrohttpd10-0.9.30-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47934	P	zoo-2.10-1020.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47802	P	libvdpau1-1.1.1-6.73 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47609	P	fontconfig-2.11.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47488	P	quagga-0.99.22.1-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47474	P	ppc64-diag-2.7.3-1.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47473	P	powerpc-utils-1.3.3-5.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:68028	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP1) (Important)	2021-07-27
oval:org.opensuse.security:def:10689	P	Security update for bluez (Moderate)	2021-07-22
oval:org.opensuse.security:def:1773	P	Security update for MozillaThunderbird (Important)	2021-07-22
oval:org.opensuse.security:def:10120	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:11101	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:1473	P	Security update for gupnp (Important)	2021-06-24
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:48599	P	perl-XML-LibXML-2.0019-5.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48534	P	libpng12-0-1.2.50-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11391	P	libproxy1-0.4.11-11.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:62862	P	mercurial-4.5.2-1.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48472	P	libXrender1-0.9.8-3.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124621	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11413	P	libvte9-0.28.2-17.83 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17247	P	lcms-1.19-17.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48388	P	cpio-2.11-29.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48602	P	ppp-2.4.7-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48531	P	libotr5-4.0.0-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48500	P	libgypsy0-0.9-6.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48435	P	gpgme-1.5.1-1.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17289	P	libzzip-0-13-0.13.67-10.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:72581	P	mercurial-4.5.2-1.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17255	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48373	P	augeas-1.2.0-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48701	P	pidgin-otr-4.0.0-6.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48630	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16615	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10258	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:64681	P	Security update for p7zip (Moderate)	2021-05-04
oval:org.opensuse.security:def:10243	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:10419	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:10664	P	Security update for the Linux Kernel (Important)	2021-02-09
oval:org.opensuse.security:def:10589	P	Security update for gimp (Important)	2020-12-28
oval:org.opensuse.security:def:16927	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17374	P	libwpd-0_10-10-0.10.2-2.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4091	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:26830	P	t1lib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17813	P	Security update for bind (Critical)	2020-12-01
oval:org.opensuse.security:def:18746	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:17782	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17725	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17640	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:17731	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:17606	P	security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:17709	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26819	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17697	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:27594	P	Security update for GraphicsMagick	2020-12-01
oval:org.opensuse.security:def:27550	P	qt3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49746	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27536	P	php53-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67928	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18369	P	Security update for postgresql96 (Moderate)	2020-12-01
oval:org.opensuse.security:def:18082	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:18060	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:10570	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18048	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:10555	P	libtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27497	P	libvirt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49692	P	librsvg-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10508	P	libipa_hbac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28232	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:10462	P	libHX-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49914	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26818	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17991	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:18720	P	Security update for zziplib (Low)	2020-12-01
oval:org.opensuse.security:def:17608	P	Security update for libyaml (Moderate)	2020-12-01
oval:org.opensuse.security:def:17498	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:17462	P	Security update for compat-openssl098 (Important)	2020-12-01
oval:org.opensuse.security:def:18395	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:17598	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:17431	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:49860	P	perl-YAML-LibYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27448	P	libgnomesu-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11079	P	libtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27395	P	evolution on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10753	P	libksba-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27244	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10740	P	libgssglue-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27160	P	kdenetwork4-filesharing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10731	P	libexpat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28267	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:27103	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27022	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17959	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26894	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17849	P	Security update for bash (Moderate)	2020-12-01
oval:com.ubuntu.bionic:def:2017174580000000	V	CVE-2017-17458 on Ubuntu 18.04 LTS (bionic) - medium.	2017-12-07
oval:com.ubuntu.artful:def:201717458000	V	CVE-2017-17458 on Ubuntu 17.10 (artful) - medium.	2017-12-07
oval:com.ubuntu.xenial:def:201717458000	V	CVE-2017-17458 on Ubuntu 16.04 LTS (xenial) - medium.	2017-12-07
oval:com.ubuntu.xenial:def:2017174580000000	V	CVE-2017-17458 on Ubuntu 16.04 LTS (xenial) - medium.	2017-12-07
oval:com.ubuntu.bionic:def:201717458000	V	CVE-2017-17458 on Ubuntu 18.04 LTS (bionic) - medium.	2017-12-07
oval:com.ubuntu.cosmic:def:201717458000	V	CVE-2017-17458 on Ubuntu 18.10 (cosmic) - medium.	2017-12-07
oval:com.ubuntu.cosmic:def:2017174580000000	V	CVE-2017-17458 on Ubuntu 18.10 (cosmic) - medium.	2017-12-07
oval:com.ubuntu.trusty:def:201717458000	V	CVE-2017-17458 on Ubuntu 14.04 LTS (trusty) - medium.	2017-12-07

BACK