CVE-2011-1572

Name of the Vulnerable Software and Affected Versions gitolite versions prior to 1.5.9.1

Description The issue allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands, due to a directory traversal vulnerability in the Admin Defined Commands (ADC) feature.

Recommendations For versions prior to 1.5.9.1, update to version 1.5.9.1 or later to resolve the issue.