CVE-2011-1572

N/A Unknown

Published: October 04, 2011 Modified: April 29, 2026

Description

Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://groups.google.com/group/gitolite/browse_thread/thread/797a93ec26e1dcbc?pli=1

Source: secalert@redhat.com

http://seclists.org/oss-sec/2011/q2/197

Source: secalert@redhat.com

Patch

http://seclists.org/oss-sec/2011/q2/209

Source: secalert@redhat.com

Patch

http://www.debian.org/security/2011/dsa-2215

Source: secalert@redhat.com

http://www.securityfocus.com/bid/46473

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=695568

Source: secalert@redhat.com

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/65542

Source: secalert@redhat.com

https://github.com/sitaramc/gitolite/commit/4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc

Source: secalert@redhat.com

Patch

http://groups.google.com/group/gitolite/browse_thread/thread/797a93ec26e1dcbc?pli=1