CVE-2011-1572
Published Oct 4, 2011
Last updated 5 years ago
Overview
- Description
- Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gitolite:gitolite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D4F021E-D2F9-4987-A9DA-F652F024F892",
"versionEndIncluding": "1.5.9"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B00ECB9-B900-4A7D-9E16-F7CC9234D1BA"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03D7FD64-44D8-4649-B234-25570C7002BA"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C34A62EA-6141-46BC-861C-9B27B73879F3"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.65:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF3B2609-E301-4F04-A41E-56904F2198B4"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.70:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F932CA6A-B5A8-4127-A05B-0B2451B058B6"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.80:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7856BE3-0ACB-4110-9588-4D54D6542670"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.85:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6335BE0C-58F8-4ACE-BA81-552339A7F085"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D47DC83-99F9-4BE9-A265-3534D1014B20"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:0.95:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A719302-490A-4652-A834-E431C7BCCECA"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A96FBE8E-4A1E-4306-8D2D-9D0C531A8D75"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3AEB2CF-276F-4C04-9729-DB9753C8D804"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "850F72D5-BF5B-438A-B9AE-E5EFDD4E1631"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B418106-A153-4561-83A9-3CCA7749F4EE"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C0E473E-0FFF-4AB7-AE83-1A1D84857127"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "794D0551-9624-476D-9C92-241E778AF4A3"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEE889D6-5C1E-4C3A-85DA-982322D74FBB"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A6A0ADB-C8B8-4D1E-8A4C-08CBA6B5E9A8"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91EB741F-94D1-4361-8F4C-B1405A40E35D"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EE930FA-AA3E-461C-8FE1-82F32B65F505"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53548625-65A5-4A68-B847-0F7595661602"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA62E8B7-039E-486B-B06F-766B0B351A3D"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9C6BF86-6B75-4FDA-9B9C-547E90CD87A5"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3B7B6C9-ECCD-4023-9BEB-33AE12B02A8A"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C6E961E-701E-463D-BBF8-A67EF14229C3"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A21C5AE6-D644-4F37-BC6C-FA270D29A884"
},
{
"criteria": "cpe:2.3:a:gitolite:gitolite:1.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68890C03-F497-4B25-8EB0-6196CB65EA2B"
}
],
"operator": "OR"
}
]
}
]