SB2014051201 - Multiple vulnerabilities in GitLab, Gitlab Community Edition

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2013-4489)

The vulnerability allows a remote #AU# to read and manipulate data.

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature. Per: http://cwe.mitre.org/data/definitions/77.html "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"

2) Improper Authentication (CVE-ID: CVE-2013-4580)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.

Remediation

Install update from vendor's website.

References

• https://www.gitlab.com/2013/11/04/gitlab-ce-6-2-and-5-4-security-release/
• http://www.openwall.com/lists/oss-security/2013/11/15/4
• https://www.gitlab.com/2013/11/14/multiple-critical-vulnerabilities-in-gitlab/