gollum 'grit_adapter' Adapter Remote Command Execution Vulnerability

gollum is prone to a remote command-execution vulnerability.

Attackers can exploit this issue to execute arbitrary command within the context of user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are vulnerable:

Versions prior to gollum 3.1.1 are vulnerable.
Versions prior to grit_adapter 0.1.1 are vulnerable.
Versions prior to gollum-lib 4.0.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus