Vulnerabilities > CVE-2013-4490 - Unspecified vulnerability in Gitlab and Gitlab-Shell
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Vulnerable Configurations
Exploit-Db
| description | Gitlab-shell Code Execution. CVE-2013-4490. Remote exploit for linux platform |
| id | EDB-ID:34362 |
| last seen | 2016-02-03 |
| modified | 2014-08-19 |
| published | 2014-08-19 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/34362/ |
| title | Gitlab-shell Code Execution |
Metasploit
| description | This module takes advantage of the addition of authorized ssh keys in the gitlab-shell functionality of Gitlab. Versions of gitlab-shell prior to 1.7.4 used the ssh key provided directly in a system call resulting in a command injection vulnerability. As this relies on adding an ssh key to an account, valid credentials are required to exploit this vulnerability. |
| id | MSF:EXPLOIT/MULTI/HTTP/GITLAB_SHELL_EXEC |
| last seen | 2020-06-08 |
| modified | 2017-07-24 |
| published | 2014-08-06 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/gitlab_shell_exec.rb |
| title | Gitlab-shell Code Execution |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/127916/gitlab_shell_exec.rb.txt |
| id | PACKETSTORM:127916 |
| last seen | 2016-12-05 |
| published | 2014-08-18 |
| reporter | Brandon Knight |
| source | https://packetstormsecurity.com/files/127916/Gitlab-shell-Code-Execution.html |
| title | Gitlab-shell Code Execution |