MidnightBSD

Advisories for sitaram_chamarty

CVE-2012-4506 MEDIUM

Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
gitolite gitolite 3.0
gitolite gitolite 3.03
gitolite gitolite 3.04
sitaram_chamarty gitolite 3.01
gitolite gitolite 3.02