CVE-2024-32002

Published: 14/05/2024 Updated: 23/05/2024

CVSS v3 Base Score: 9 | Impact Score: 6 | Exploitability Score: 2.2

VMScore: 0

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.

Vulnerable Product	Search on Vulmon	Subscribe to Product
git git
git git 2.45.0
git git 2.44.0
git git 2.41.0

Debian Bug report logs - #1071160 git: CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465 Package: src:git; Maintainer for src:git is Jonathan Nieder <jrnieder@gmailcom>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 15 May 2024 09:48:01 UTC Severity: grave Tags: security, ...

Git is a revision control system Prior to versions 2451, 2441, 2434, 2422, 2411, 2402, and 2394, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `git/` directory This allows writing a hook that will be executed w ...

Team, The Git project released new security bug-fix versions today, May 14th, 2024: v2451, v2441, v2434, v2422, v2411, v2402, and v2394 The addressed issues are: * CVE-2024-32002 * (githubcom/git/git/security/advisories/GHSA-8h77-4q3w-gfgv): Recursive clones on case-insensitive filesystems that support symbolic l ...

CVE-2024-32002 A simple proof-of-concept that executes Calculator (macOS example only) When using git clone --recursive command, this repo will also pull githubcom/markuta/hooky, which contains a post-checkout script Mostly based on the commit fix t7406-submodule-updatesh file Create your own repositories # Hooky repo git init hooky cd hooky mkdir -p y/hooks echo

Testing POC for CVE-2024-32002

CVE-2024-32002-git-rce

CVE-2024-32002: Exploiting Git RCE via git clone This repository contains a PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation By crafting repositories with submodules in a specific way, an attacker can exploit symlink handling on case-insensitive filesystems to write files into the git/ directory, leading to the execution o

CVE-2024-32002 PoC git clone --recursive git@githubcom:WOOOOONG/submodgit

CVE-2024-32002 RCE POC A POC for CVE-2024-32002 demonstrating Remote Code Execution (RCE) See cve-2024-32002-poc-rce for the related submodule repository What this repo contains A symlink with an arbitraty name that links to the git directory A gitmodules file that defines the malicious submodule How to recreate this repo This repo was created in Linux (WSL2, to be spec

A POC for CVE-2024-32002 demonstrating arbitrary write into the .git directory.

CVE-2024-32002 PRC AW A POC for CVE-2024-32002 demonstrating arbitrary write into the git directory See cve-2024-32002-submodule-aw for the related submodule repository What this repo contains A symlink with an arbitraty name that links to the git directory A gitmodules file that defines the malicious submodule How to recreate this repo This repo was created in Linux

CVE-2024-32002 RCE Submodule A submodule to demonstrate CVE-2024-32002 Demonstrates Remote Code Execution (RCE) by loading a malicious commit hook into the git directory of the parent repo See cve-2024-32002-poc-rce for the working POC that utilises this repo What this repo contains A malicous git hook called post-checkout which runs immediately after the clone completes

A submodule to demonstrate CVE-2024-32002. Demonstrates arbitrary write into .git.

CVE-2024-32002 Submodule AW A submodule to demonstrate CVE-2024-32002 Demonstrates arbitrary write into git See cve-2024-32002-poc-aw for the working POC that utilises this repo What this repo contains Simply, a random file so that we can detect it when we clone the parent POC repo The file is called Problems, because if we see this file in git, we have problems

CVE-2024-32002-EXP #!/bin/bash # 设置 Git 配置选项 git config --global protocolfileallow always git config --global coresymlinks true # 避免警告消息（设置默认分叉为main） git config --global initdefaultBranch main # 定义 tell-tale 路径 tell_tale_path="$PWD/telltale" # 初始化 hook 仓库 git init hook cd hook mkdir -p y/hooks # 将

Security-Paper-Learing

Security Paper Learing 记录阅读过的一些安全的文章或者论文。 Finished Smashing the state machine:the true potential of web race conditions PHP FILTER CHAINS: FILE READ FROM ERROR-BASED ORACLE SMTP Smuggling - Spoofing E-Mails Worldwide Exploiting HTTP Parsers Inconsistencies Three New Attacks Against JSON Web Tokens HTTP Request Splitting vulnerabilities explo

CVE-2024-32002-poc

CVE-2024-32002

CVE-2024-32002 CVE-2024-32002

hook for CVE-2024-32002

hook hook for CVE-2024-32002

Poc for CVE-2024-32002, the script made from the developer's test case: githubcom/git/git/commit/97065761333fd62db1912d81b489db938d8c991d#diff-2ba261bbd9de8e881d700e696eebab0df581473ba50b671b2cbe4bbee5ca87b0 This software has been created purely for the purposes of academic research and for the development of effective defensive techniques, and is not intended to

CVE-2024-32002-POC

Hook for the PoC for exploiting CVE-2024-32002

amalmurali47/hook This repository is part of the PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation This repository contains the malicious hook used in the exploit Overview For detailed instructions and an explanation of how the exploit works, refer to the git_rce repository or the blog post: amalmuralime/posts/git-

Repo for testing CVE-2024-32002

CVE-2024-32002 Repo for testing CVE-2024-32002

CVE-2024-32002-hook

CVE-2024-32002-hook CVE-2024-32002-hook

poc for git rce using CVE-2024-32002

poc-git-rce-cve-2024-32002 poc for git rce using CVE-2024-32002

Este script demuestra cómo explotar la vulnerabilidad CVE-2024-32002 para obtener una reverse shell, proporcionando acceso remoto al sistema afectado. Úselo con precaución en entornos controlados y solo con fines educativos o de pruebas de seguridad.

CVE-2024-32002-Reverse-Shell Este script demuestra cómo explotar la vulnerabilidad CVE-2024-32002 para obtener una reverse shell, proporcionando acceso remoto al sistema afectado Úselo con precaución en entornos controlados y solo con fines educativos o de pruebas de seguridad

CVE-2024-32002-smash

CVE-2024-32002-submod

CVE-2024-32002-hulk

Poc for CVE-2024-32002 githubcom/git/git/commit/97065761333fd62db1912d81b489db938d8c991d#diff-2ba261bbd9de8e881d700e696eebab0df581473ba50b671b2cbe4bbee5ca87b0

cve-2024-32002

CVE-2024-32002 RCE PoC

CVE-2024-32002 RCE PoC Overview This repository contains a Proof of Concept (PoC) for CVE-2024-32002, a Remote Code Execution (RCE) vulnerability in Git submodules The exploit demonstrates how a malicious payload can be triggered via a recursive clone of a Git repository Repository Setup Before running the PoC, create the following repositories on your remote Git server or fe

cve-2024-32002yahhh

AppleDog/挂钩此存储库是PoC的一部分，用于利用CVE-2024-32002，这是Git中的一个漏洞，允许在Git克隆操作期间进行RCE。此存储库包含利用该漏洞进行攻击时使用的恶意挂钩。概述有关利用漏洞的详细说明和解释，请参阅git_rce存储库或博客文章免责声明此存储库仅用于教育目的。此处提供的

遇到类似 Git 安全漏洞问题需要升级所有 Git.exe。此工具用于查找本地硬盘上所有的 Git 并获取版本信息，批量更新（复制、创建软链接）。

ReplaceAllGit 起因：Git 远程代码执行漏洞 2024年5月 CEV 安全通告：Git 远程代码执行漏洞 (CVE-2024-32002) 漏洞编号：QVD-2024-18126, CVE-2024-32002 0x01 漏洞描述 Git在支持符号链接的不区分大小写的文件系统上的递归克隆容易受到大小写混淆的影响，未经身份验证的攻击者可以利用漏洞使受害者克隆�

none

CVE-2024-32002 漏洞概述(⚠️注意！：请不要clone此仓库！！！⚠️) 描述 CVE-2024-32002 是在 Git 软件中发现的一个严重安全漏洞。该漏洞允许远程攻击者通过特制的 Git 仓库在受影响的系统上执行任意代码。此漏洞存在于 Git 处理特定仓库操作的过程中，由于缺乏对输入数据的充分验证，导致�

A Python-based stock screener for NSE, India. PKScreener is an advanced free stock screener to find potential breakout stocks from NSE and show its possible breakout values. It also helps to find the stocks which are consolidating and may breakout, or the particular chart patterns that you're looking specifically to make your decisions.

PKScreener What is PKScreener? Telegram Alerts Nifty AI Prediction Scheduling Cron Jobs On-Demand Telegram Bot Backtesting / Growth of 10k Nifty screening Volume scanners Breakout detection Consolidating stocks Reversal Signals Chart Patterns CCI scanners 2% scanners Short-term bulls NR4 / NR7 Fair Value Mutual funds, FII data TTM Squeeze Golden Crosso

CVE-2024-32002-linux-smash

Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws

BleepingComputer • Lawrence Abrams • 14 May 2024

Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws By Lawrence Abrams May 14, 2024 01:49 PM 0 .crit { font-weight:bold; color:red; } .article_section td { font-size: 14px!important; } Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days. This Patch Tuesday only fixes one critical vulnerability, a Microsoft SharePoint Server Remote Code Execution Vulnerability. The number of bugs in each vu...

CVE-2024-32002

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect