FreeBSD : Mercurial -- multiple vulnerabilities (1d33cdee-7f6b-11e7-a9b5-3debb10a6871)

Critical Nessus Plugin ID 102465


The remote FreeBSD host is missing a security-related update.


Mercurial Release Notes :


Mercurial's symlink auditing was incomplete prior to 4.3, and could be abused to write to files outside the repository.


Mercurial was not sanitizing hostnames passed to ssh, allowing shell injection attacks on clients by specifying a hostname starting with
-oProxyCommand. This is also present in Git (CVE-2017-1000117) and Subversion (CVE-2017-9800), so please patch those tools as well if you have them installed.


Update the affected package.

See Also

Plugin Details

Severity: Critical

ID: 102465

File Name: freebsd_pkg_1d33cdee7f6b11e7a9b53debb10a6871.nasl

Version: 3.6

Type: local

Published: 2017/08/14

Updated: 2019/05/13

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mercurial, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2017/08/12

Vulnerability Publication Date: 2017/08/10

Reference Information

CVE: CVE-2017-1000115, CVE-2017-1000116