CVE-2011-1572
Published: 4 October 2011
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
Priority
Status
Package | Release | Status |
---|---|---|
gitolite Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(2.0.3-2)
|
|
precise |
Not vulnerable
(2.0.3-2)
|
|
quantal |
Not vulnerable
(2.0.3-2)
|
|
upstream |
Released
(1.5.9.1)
|
|
Patches: upstream: https://github.com/sitaramc/gitolite/commit/4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc |