Candidate: CVE-2011-1572
PublicDate: 2011-10-04 10:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1572
 http://www.debian.org/security/2011/dsa-2215
Description:
 Directory traversal vulnerability in the Admin Defined Commands (ADC)
 feature in gitolite before 1.5.9.1 allows remote attackers to execute
 arbitrary commands via .. (dot dot) sequences in admin-defined commands.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=695568
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_gitolite:
 upstream: https://github.com/sitaramc/gitolite/commit/4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc
upstream_gitolite: released (1.5.9.1)
hardy_gitolite: DNE
lucid_gitolite: DNE
maverick_gitolite: ignored (reached end-of-life)
natty_gitolite: ignored (reached end-of-life)
oneiric_gitolite: not-affected (2.0.3-2)
precise_gitolite: not-affected (2.0.3-2)
quantal_gitolite: not-affected (2.0.3-2)
devel_gitolite: not-affected (2.0.3-2)