Lucene search
SAINT CorporationSAINT:D9D6B71A2DD104858A4CE00ED62EE8BDHistoryJul 14, 2014 - 12:00 a.m.
GitList blame resource command injection
2014-07-1400:00:00
SAINT Corporation
www.saintcorporation.com
32
0.965 High
EPSS
Percentile
99.6%
Added: 07/14/2014
CVE: CVE-2014-4511
BID: 68253
OSVDB: 108504
Background
GitList is a web-based git repository viewer.
Problem
A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the **blame** resource.
Resolution
Upgrade to GitList 0.5.0 or higher.
References
<http://hatriot.github.io/blog/2014/06/29/gitlist-rce/>
Limitations
The URL path to a gitlist repository must be known.
Platforms
Linux
Related
saint
saint
GitList blame resource command injection
2014-07-14 00:00:00
GitList blame resource command injection
2014-07-14 00:00:00
GitList blame resource command injection
2014-07-14 00:00:00
packetstorm
packetstorm
Gitlist 0.4.0 Remote Code Execution
2014-06-30 00:00:00
Gitlist Unauthenticated Remote Command Execution
2014-07-06 00:00:00
cvelist
cvelist
CVE-2014-4511
2014-07-22 14:00:00
openvas
openvas
Gitlist RCE Vulnerability
2014-06-30 00:00:00
exploitpack
exploitpack
Gitlist 0.4.0 - Remote Code Execution
2014-06-30 00:00:00
Gitlist-0.4.0
2015-01-04 16:46:27
checkpoint_advisories
checkpoint_advisories
GitList URL Remote Code Execution (CVE-2014-4511)
2014-10-06 00:00:00
cve
cve
CVE-2014-4511
2014-07-22 14:55:09
zdt
zdt
Gitlist Unauthenticated Remote Command Execution Exploit
2014-07-06 00:00:00
Gitlist <= 0.4.0 - Remote Code Execution Exploit
2014-06-30 00:00:00
seebug
seebug
Gitlist <= 0.4.0 - Remote Code Execution
2014-07-01 00:00:00
prion
prion
Design/Logic Flaw
2014-07-22 14:55:00
nvd
nvd
CVE-2014-4511
2014-07-22 14:55:09
exploitdb
exploitdb
Gitlist 0.4.0 - Remote Code Execution
2014-06-30 00:00:00