gitolite Admin-Defined Commands Directory Traversal Security Issue


Description   A security issue has been reported in gitolite which can be exploited by malicious users to bypass certain security restrictions.
The security issue is caused by an error in the handling of admin-defined commands (ADC), which can be exploited to execute arbitrary commands with the privileges of the gitolite server via directory traversal attacks.
Successful exploitation requires that ADC commands are enabled ("GL_ADC_PATH" is set in the rc file).
The security issue is reported in versions prior to 1.5.9.1.
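The class of bug described above is a command name that is joined onto an ADC directory without being validated, so a name containing path components can escape that directory. The following Python is an added illustration of the defensive check, written for this advisory; it is not gitolite's code and does not reproduce its actual fix. The function names, the whitelist pattern and the temporary ADC directory are all assumptions of the example.

```python
import os
import re
import tempfile

# Conservative whitelist for a command name (an assumption of this example,
# not gitolite's own rule). A slash, backslash, NUL or ".." can never match.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")


def resolve_adc(name, adc_dir):
    """Return the absolute path of the command `name` inside `adc_dir`, or
    None if the name is unsafe or does not denote an executable regular file
    sitting directly inside that directory."""
    if name in ("", ".", "..") or not _SAFE_NAME.match(name):
        return None  # rejects "../x", "a/b", "a\\b", embedded NUL, ...
    base = os.path.realpath(adc_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # Independent second check on the resolved path: it must live directly
    # under the ADC directory. This also catches a symlink that points outside.
    if os.path.dirname(candidate) != base:
        return None
    if not (os.path.isfile(candidate) and os.access(candidate, os.X_OK)):
        return None
    return candidate


def naive_resolve(name, adc_dir):
    """The unsafe pattern: join the untrusted name and trust the result.
    Kept only to contrast with resolve_adc()."""
    return os.path.join(adc_dir, name)


def demo():
    """Build a constructed ADC directory holding one executable, plus a
    symlink that escapes it, and run both resolvers over a set of names."""
    root = tempfile.mkdtemp()
    adc_dir = os.path.join(root, "adc")
    os.mkdir(adc_dir)
    good = os.path.join(adc_dir, "rm")
    with open(good, "w") as f:
        f.write("#!/bin/sh\necho ok\n")
    os.chmod(good, 0o755)
    # An executable outside the ADC directory, reachable via a symlink inside it.
    outside = os.path.join(root, "outside.sh")
    with open(outside, "w") as f:
        f.write("#!/bin/sh\necho outside\n")
    os.chmod(outside, 0o755)
    os.symlink(outside, os.path.join(adc_dir, "link"))

    results = {}
    for name in ["rm", "../outside.sh", "..\\outside.sh", "link", "a/b", "missing"]:
        results[name] = (naive_resolve(name, adc_dir), resolve_adc(name, adc_dir))
    return adc_dir, results


if __name__ == "__main__":
    _, res = demo()
    for name, (naive, safe) in res.items():
        print(f"{name!r:20} naive={naive}  checked={safe}")
```

Only "rm" survives the checked resolver; the traversal names, the symlink and the non-existent name all resolve to None, whereas the naive join happily returns a path containing "..". Detection-wise, the IPS alarms listed below key on exactly the "../" and "..\.." patterns that the whitelist refuses.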

Vulnerable Products   Vulnerable Software:
gitolite 1.x

Solution   Update to version 1.5.9.1.

CVE   CVE-2011-1572

References   http://groups.google.com/group/gitolite/browse_thread/thread/797a93ec26e1dcbc

Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm                                            Available Since
Misc : Directory traversal - parameter starting with ../    3.2.0
Directory traversal using ..\..                             3.2.0
Directory traversal                                         3.2.0
Directory traversal backward root folder                    3.2.0

Risk level   Moderate

Vulnerability First Public Report Date   2011-02-22

Target Type   Server

Possible exploit   Remote