CVE-2010-0394

NameCVE-2010-0394
DescriptionPyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1990-1, DSA-1990-2
Debian Bugs567039

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
trac-gitsourcelenny0.0.20080710-3+lenny2DSA-1990-2
trac-gitsource(unstable)0.0.20090320-1high567039

Search for package or bug name: Reporting problems