CVE-2017-17459
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-17459
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Fossil 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Fossil是一款免费、开源的分布式软件配置管理系统。该系统支持版本控制、错误跟踪等功能。 Fossil 2.4之前的版本中的http_transport.c文件存在安全漏洞。远程攻击者可借助特制的ssh:// URL利用该漏洞执行任意命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2017-17459
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-17459
请登录查看更多情报信息。
- https://www.fossil-scm.org/xfer/info/1f63db591c77108cx_refsource_CONFIRM
- https://bugzilla.opensuse.org/show_bug.cgi?id=1071709x_refsource_CONFIRM
- https://www.fossil-scm.org/xfer/doc/trunk/www/changes.wiki#v2_4x_refsource_CONFIRM
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BLAFCQGE7C5UMX75LESNUMKTXTURUVQM/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2017-17459
Same Patch Batch · n/a · 2017-12-07 · 12 CVEs total
| CVE-2017-17435 | Vaultek Gun Safe VT20i 安全漏洞 | |
| CVE-2017-17436 | Vaultek Gun Safe VT20i 安全漏洞 | |
| CVE-2017-17448 | Linux kernel 安全漏洞 | |
| CVE-2017-17449 | Linux kernel 安全漏洞 | |
| CVE-2017-17450 | Linux kernel 安全漏洞 | |
| CVE-2017-17451 | WordPress WP Mailster插件跨站脚本漏洞 | |
| CVE-2017-17384 | ISPConfig 安全漏洞 | |
| CVE-2017-17430 | Sangoma NetBorder/Vega Session Controller 安全漏洞 | |
| CVE-2017-17458 | Mercurial 安全漏洞 | |
| CVE-2017-1000410 | Linux kernel 安全漏洞 | |
| CVE-2017-14386 | Dell 2335dn和2355dn Multifunction Laser Printers 跨站脚本漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2017-17459
No comments yet