6 matches found
EUVD-2010-0425
Malware in sbrugna...
Command injection
PyGIT.py in the Trac Git plugin trac-git before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command...
CVE-2010-0394
PyGIT.py in the Trac Git plugin trac-git before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command...
CVE-2010-0394
PyGIT.py in the Trac Git plugin trac-git before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command...
CVE-2010-0394
PyGIT.py in the Trac Git plugin trac-git before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command...
CVE-2010-0394
The CVE concerns trac-git (Trac Git plugin) where PyGIT.py allows remote code execution by passing shell metacharacters in a crafted HTTP query to generate a git command. Affected: Debian/Ubuntu packaging of trac-git prior to 0.0.20080710-3+lenny1 (and prior to 0.0.20090320-1 in newer releases); ...