CVE-2013-4451

Name of the Vulnerable Software and Affected Versions gitolite versions fa06a34 through 3.5.3

Description The issue might allow attackers to have an unspecified impact via vectors involving world-writable permissions when creating files such as ~/.gitolite.rc, ~/.gitolite, or ~/repositories/gitolite-admin.git on fresh installs.

Recommendations For gitolite versions fa06a34 through 3.5.3, consider restricting world-writable permissions to minimize the risk of exploitation. As a temporary workaround, ensure that the permissions for the creation of ~/.gitolite.rc, ~/.gitolite, and ~/repositories/gitolite-admin.git are properly set to prevent unauthorized access.