BitKeeper Daemon Mode diff Shell Command Injection

high Nessus Plugin ID 11198

Synopsis

The remote revision control server has a remote command execution vulnerability.

Description

The remote host is running version 3.0.x of BitKeeper.
Some versions of this service are known to allow anyone to execute arbitrary commands with the privileges of the BitKeeper daemon.

*** Nessus did not check for this vulnerability, but solely
*** relied on the banner of the remote server to issue this warning.

BitKeeper is also reportedly vulnerable to a race condition involving temporary file creation. Nessus did not check for this issue.

Solution

Upgrade to the latest version of BitKeeper.

See Also

https://seclists.org/vulnwatch/2003/q1/19

Plugin Details

Severity: High

ID: 11198

File Name: bitkeeper_remote_shell.nasl

Version: 1.19

Type: remote

Published: 1/16/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: www/BitKeeper

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 6588, 6589, 6590

Secunia: 7854