CVE-2013-4451

Published: Sep 21, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20131021 Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3

mailing-list

x_refsource_MLIST

63237

vdb-entry

x_refsource_BID

https://github.com/sitaramc/gitolite/commit/3dad4f8e3214d6ab5f71823019a624fa48b055a3

x_refsource_CONFIRM

https://groups.google.com/forum/#%21topic/gitolite/Tu1sjaf7A4A/discussion

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4451

Description

Affected Products

References