Gitblit Source Code Repository Authentication Bypass Vulnerability
BID:50707
Info
Gitblit Source Code Repository Authentication Bypass Vulnerability
| Bugtraq ID: | 50707 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 17 2011 12:00AM |
| Updated: | Nov 17 2011 12:00AM |
| Credit: | Reported by the vendor |
| Vulnerable: |
Gitblit Gitblit 0.6.9 |
| Not Vulnerable: |
Gitblit Gitblit 0.7 |
Discussion
Gitblit Source Code Repository Authentication Bypass Vulnerability
Gitblit is prone to a remote authentication-bypass vulnerability.
An attacker can exploit this issue to clone a source code repository with invalid login credentials.
Versions prior to Gitblit 0.7.0 are vulnerable.
Gitblit is prone to a remote authentication-bypass vulnerability.
An attacker can exploit this issue to clone a source code repository with invalid login credentials.
Versions prior to Gitblit 0.7.0 are vulnerable.
Exploit / POC
Gitblit Source Code Repository Authentication Bypass Vulnerability
An attacker can use readily available network utilities to exploit this issue.
An attacker can use readily available network utilities to exploit this issue.
Solution / Fix
Gitblit Source Code Repository Authentication Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Gitblit Source Code Repository Authentication Bypass Vulnerability
References:
References: