Test ID:	1.3.6.1.4.1.25623.1.0.103720
Category:	Web application abuses
Title:	cgit 'url' Parameter Directory Traversal Vulnerability
Summary:	cgit is prone to a directory traversal vulnerability.;; An attacker can exploit this issue using directory-traversal strings; to retrieve arbitrary files outside of the server root directory. This; may aid in further attacks.
Description:	Summary: cgit is prone to a directory traversal vulnerability. An attacker can exploit this issue using directory-traversal strings to retrieve arbitrary files outside of the server root directory. This may aid in further attacks. Solution: Updates are available. Please see the references or vendor advisory for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2117 http://lists.zx2c4.com/pipermail/cgit/2013-May/001394.html http://www.openwall.com/lists/oss-security/2013/05/27/3 http://secunia.com/advisories/54186 SuSE Security Announcement: openSUSE-SU-2013:1207 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00061.html SuSE Security Announcement: openSUSE-SU-2013:1303 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-08/msg00012.html
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.