Back to search
CVE-2010-0394
Published: Feb 10, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567039
x_refsource_CONFIRM
38325
third-party-advisory
x_refsource_SECUNIA
38076
vdb-entry
x_refsource_BID
DSA-1990
vendor-advisory
x_refsource_DEBIAN
tracgit-command-execution(56105)
vdb-entry
x_refsource_XF
62147
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now