This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

vulnerability report on Git

Go to solution
AZHockeyNut
Champion Sweeper III

‎06-01-2018 05:49 PM

https://www.securityweek.com/remote-code-execution-vulnerability-patched-git

remote code execution bug with Git/MSTFS anyone have a report on it?
Labels:
0 Kudos
1 ACCEPTED SOLUTION
Go to solution
Esben_D
Lansweeper Employee
Lansweeper Employee

‎06-04-2018 11:29 AM

This report should work.

Based on the information linked, any Git version below 2.17.1 is vulnerable. The report below shows any assets with Git on it that does not have version 2.17.1.
This does mean that you if new updates comes out, the higher release versions will also be displayed.

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName = 'Git version%' And
  tblSoftware.softwareVersion Not Like '2.17.1%' And tblState.Statename =
  'Active'
Order By tblAssets.Domain,
  tblAssets.AssetName,
  Software

View solution in original post

0 Kudos
2 REPLIES 2
Go to solution
AZHockeyNut
Champion Sweeper III

‎06-04-2018 04:16 PM

thanks!!!!
0 Kudos
Go to solution
Esben_D
Lansweeper Employee
Lansweeper Employee

‎06-04-2018 11:29 AM

This report should work.

Based on the information linked, any Git version below 2.17.1 is vulnerable. The report below shows any assets with Git on it that does not have version 2.17.1.
This does mean that you if new updates comes out, the higher release versions will also be displayed.

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName = 'Git version%' And
  tblSoftware.softwareVersion Not Like '2.17.1%' And tblState.Statename =
  'Active'
Order By tblAssets.Domain,
  tblAssets.AssetName,
  Software
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now