CVE-2017-1000116
Published: 5 October 2017
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
From the Ubuntu Security Team
It was discovered that Mercurial incorrectly handled hostnames passed to ssh. An attacker could possibly use this issue to execute arbitrary code.
Priority
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116
- https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
- https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2
- https://www.mercurial-scm.org/repo/hg/rev/e10745311406
- https://www.mercurial-scm.org/repo/hg/rev/f93975a5ebe8
- https://www.mercurial-scm.org/repo/hg/rev/f9134e96ed0f
- https://www.mercurial-scm.org/repo/hg/rev/92b583e3e522
- https://www.mercurial-scm.org/repo/hg/rev/08cfc4baf3ba
- https://www.mercurial-scm.org/repo/hg/rev/55681baf4cf9
- https://www.mercurial-scm.org/repo/hg/rev/173ecccb9ee7
- https://www.mercurial-scm.org/repo/hg/rev/ca398a50ca00
- https://www.mercurial-scm.org/repo/hg/rev/00a75672a9cb
- https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
- NVD
- Launchpad
- Debian