Lucene search
MitreCVELIST:CVE-2004-0755HistoryAug 19, 2004 - 4:00 a.m.
CVE-2004-0755
2004-08-1904:00:00
mitre
www.cve.org
1
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
References
secunia.com/advisories/12290/
www.debian.org/security/2004/dsa-537
www.gentoo.org/security/en/glsa/glsa-200409-08.xml
www.mandriva.com/security/advisories?name=MDKSA-2004:128
exchange.xforce.ibmcloud.com/vulnerabilities/16996
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11128
Related
securityvulns
securityvulns
[ GLSA 200409-08 ] Ruby: CGI::Session creates files insecurely
2004-09-06 00:00:00
nessus
nessus
GLSA-200409-08 : Ruby: CGI::Session creates files insecurely
2004-09-04 00:00:00
Fedora Core 2 : ruby-1.8.1-6 (2004-264)
2004-10-15 00:00:00
Debian DSA-537-1 : ruby - insecure file permissions
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 537-1 (ruby)
2008-01-17 00:00:00
FreeBSD Ports: ruby
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200409-08 (dev-lang/ruby)
2008-09-24 00:00:00
gentoo
gentoo
Ruby: CGI::Session creates files insecurely
2004-09-03 00:00:00
osv
osv
ruby - insecure file permissions
2004-08-16 00:00:00
redhat
redhat
(RHSA-2004:441) ruby security update
2004-09-30 00:00:00
cve
cve
CVE-2004-0755
2004-10-20 04:00:00
ubuntucve
ubuntucve
CVE-2004-0755
2004-10-20 00:00:00
freebsd
freebsd
Ruby insecure file permissions in the CGI session management
2004-08-16 00:00:00
nvd
nvd
CVE-2004-0755
2004-10-20 04:00:00
debian
debian
[SECURITY] [DSA 537-1] New Ruby packages fix insecure CGI session management
2004-08-16 04:12:49
[SECURITY] [DSA 537-1] New Ruby packages fix insecure CGI session management
2004-08-16 04:12:49