|
|
Subscribe / Log in / New account

gitolite: arbitrary code execution

Package(s):gitolite CVE #(s):
Created:February 22, 2011 Updated:April 11, 2011
Description: From the Fedora advisory:

Dylan Alex Simon discovered and reported a directory traversal flaw in the way Gitolite restricted access to admin defined commands ("ADC"). An authenticated attacker could execute arbitrary code with privileges of Gitolite server user using specially crafted command name.

Alerts:
Debian DSA-2215-1 gitolite 2011-04-09
Fedora FEDORA-2011-1644 gitolite 2011-02-16
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds