PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-02-10T02:00:00
Updated: 2024-08-07T00:45:12.238Z
Reserved: 2010-01-27T00:00:00
Link: CVE-2010-0394
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-02-10T02:30:00.857
Modified: 2017-08-17T01:31:59.243
Link: CVE-2010-0394
Redhat
No data.