Описание
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gitolite | fixed | 1.5.7-2 | package | |
| gitolite | fixed | 1.5.4-2+squeeze1 | squeeze | package |
Примечания
https://github.com/sitaramc/gitolite/commit/a33f0f85047834212ff4baf5b479c6cf3d2a6075
https://github.com/sitaramc/gitolite/commit/4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc
EPSS
Связанные уязвимости
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
EPSS