Search...

Fedora Update for rubygem-actionpack FEDORA-2012-0643

2012-03-19T00:00:00

ID OPENVAS:1361412562310863782
Type openvas
Reporter Copyright (c) 2012 Greenbone Networks GmbH
Modified 2019-03-15T00:00:00

Description

The remote host is missing an update for the

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for rubygem-actionpack FEDORA-2012-0643
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_xref(name:"URL", value:"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072462.html");
  script_oid("1.3.6.1.4.1.25623.1.0.863782");
  script_version("$Revision: 14223 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
  script_tag(name:"creation_date", value:"2012-03-19 12:15:32 +0530 (Mon, 19 Mar 2012)");
  script_cve_id("CVE-2011-4319");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_xref(name:"FEDORA", value:"2012-0643");
  script_name("Fedora Update for rubygem-actionpack FEDORA-2012-0643");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'rubygem-actionpack'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC16");
  script_tag(name:"affected", value:"rubygem-actionpack on Fedora 16");
  script_tag(name:"solution", value:"Please install the updated package(s).");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC16")
{

  if ((res = isrpmvuln(pkg:"rubygem-actionpack", rpm:"rubygem-actionpack~3.0.10~2.fc16", rls:"FC16")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310863782", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-0643", "description": "The remote host is missing an update for the ", "published": "2012-03-19T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863782", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["2012-0643", "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072462.html"], "cvelist": ["CVE-2011-4319"], "lastseen": "2019-05-29T18:39:05", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4319", "CVE-2012-0643"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863810", "OPENVAS:1361412562310864039", "OPENVAS:1361412562310863709", "OPENVAS:1361412562310864444", "OPENVAS:864461", "OPENVAS:864039", "OPENVAS:863709", "OPENVAS:864444", "OPENVAS:863782", "OPENVAS:863810"]}, {"type": "github", "idList": ["GHSA-XXR8-833V-C7WC"]}, {"type": "fedora", "idList": ["FEDORA:8AEB121931", "FEDORA:B5E2821466", "FEDORA:48F8B200DF", "FEDORA:AFC4820E15", "FEDORA:0132C20F1D", "FEDORA:4559220F4C", "FEDORA:68E0120EF2", "FEDORA:1946120C02", "FEDORA:79C4F20EDE", "FEDORA:CC91B21827"]}], "modified": "2019-05-29T18:39:05", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2019-05-29T18:39:05", "rev": 2}, "vulnersScore": 5.8}, "pluginID": "1361412562310863782", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-0643\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072462.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863782\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:15:32 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-4319\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-0643\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-0643\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionpack'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"rubygem-actionpack on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.10~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2021-02-02T05:51:07", "description": "Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an \"html\" substring.", "edition": 5, "cvss3": {}, "published": "2011-11-28T11:55:00", "title": "CVE-2011-4319", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4319"], "modified": "2019-08-08T15:42:00", "cpe": ["cpe:/a:rubyonrails:rails:3.1.1", "cpe:/a:rubyonrails:rails:3.0.10", "cpe:/a:rubyonrails:rails:3.0.7", "cpe:/a:rubyonrails:rails:3.0.0", "cpe:/a:rubyonrails:rails:2.3.3", "cpe:/a:rubyonrails:rails:3.0.4", "cpe:/a:rubyonrails:rails:3.1.0", "cpe:/a:rubyonrails:rails:3.0.6", "cpe:/a:rubyonrails:rails:3.0.8", "cpe:/a:rubyonrails:rails:3.0.1", "cpe:/a:rubyonrails:rails:3.0.9", "cpe:/a:rubyonrails:ruby_on_rails:3.0.4", "cpe:/a:rubyonrails:rails:2.3.9", "cpe:/a:rubyonrails:rails:2.3.4", "cpe:/a:rubyonrails:rails:3.0.3", "cpe:/a:rubyonrails:rails:3.0.5", "cpe:/a:rubyonrails:rails:2.3.10", "cpe:/a:rubyonrails:rails:2.3.12", "cpe:/a:rubyonrails:rails:3.0.2", "cpe:/a:rubyonrails:rails:2.3.11", "cpe:/a:rubyonrails:rails:2.3.2"], "id": "CVE-2011-4319", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4319", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-01-02T10:57:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4319"], "description": "Check for the Version of rubygem-actionpack", "modified": "2018-01-01T00:00:00", "published": "2012-03-19T00:00:00", "id": "OPENVAS:863782", "href": "http://plugins.openvas.org/nasl.php?oid=863782", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-0643", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-0643\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rubygem-actionpack on Fedora 16\";\ntag_insight = \"Eases web-request routing, handling, and response as a half-way front,\n half-way page controller. Implemented with specific emphasis on enabling easy\n unit/integration testing that doesn't require a browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072462.html\");\n script_id(863782);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:15:32 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-4319\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-0643\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-0643\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-actionpack\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.10~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4319", "CVE-2011-2197"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-02-01T00:00:00", "id": "OPENVAS:1361412562310863709", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863709", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-0626", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-0626\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072464.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863709\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:33:41 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4319\", \"CVE-2011-2197\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-0626\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-0626\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionpack'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"rubygem-actionpack on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.5~5.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-06T13:07:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4319", "CVE-2011-2197"], "description": "Check for the Version of rubygem-actionpack", "modified": "2018-01-04T00:00:00", "published": "2012-02-01T00:00:00", "id": "OPENVAS:863709", "href": "http://plugins.openvas.org/nasl.php?oid=863709", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-0626", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-0626\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rubygem-actionpack on Fedora 15\";\ntag_insight = \"Eases web-request routing, handling, and response as a half-way front,\n half-way page controller. Implemented with specific emphasis on enabling easy\n unit/integration testing that doesn't require a browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072464.html\");\n script_id(863709);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:33:41 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4319\", \"CVE-2011-2197\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-0626\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-0626\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-actionpack\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.5~5.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2012-1098"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-03-19T00:00:00", "id": "OPENVAS:1361412562310863810", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863810", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-3321", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-3321\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075676.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863810\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:19:11 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2012-1098\", \"CVE-2012-1099\", \"CVE-2011-4319\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-3321\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-3321\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionpack'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"rubygem-actionpack on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.10~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-02T10:56:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2011-2197"], "description": "Check for the Version of rubygem-actionpack", "modified": "2017-12-29T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:864039", "href": "http://plugins.openvas.org/nasl.php?oid=864039", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-3355", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-3355\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rubygem-actionpack on Fedora 15\";\ntag_insight = \"Eases web-request routing, handling, and response as a half-way front,\n half-way page controller. Implemented with specific emphasis on enabling easy\n unit/integration testing that doesn't require a browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075740.html\");\n script_id(864039);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:22 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-1099\", \"CVE-2011-4319\", \"CVE-2011-2197\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-3355\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-3355\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-actionpack\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.5~6.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2011-2197"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:1361412562310864039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864039", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-3355", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-3355\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075740.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864039\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:22 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-1099\", \"CVE-2011-4319\", \"CVE-2011-2197\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-3355\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-3355\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionpack'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"rubygem-actionpack on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.5~6.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-18T11:06:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2012-1098"], "description": "Check for the Version of rubygem-actionpack", "modified": "2018-01-17T00:00:00", "published": "2012-03-19T00:00:00", "id": "OPENVAS:863810", "href": "http://plugins.openvas.org/nasl.php?oid=863810", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-3321", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-3321\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rubygem-actionpack on Fedora 16\";\ntag_insight = \"Eases web-request routing, handling, and response as a half-way front,\n half-way page controller. Implemented with specific emphasis on enabling easy\n unit/integration testing that doesn't require a browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075676.html\");\n script_id(863810);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:19:11 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2012-1098\", \"CVE-2012-1099\", \"CVE-2011-4319\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-3321\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-3321\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-actionpack\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.10~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-08T12:56:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2011-2197", "CVE-2012-2660"], "description": "Check for the Version of rubygem-actionpack", "modified": "2018-01-08T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:864461", "href": "http://plugins.openvas.org/nasl.php?oid=864461", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-8912", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-8912\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rubygem-actionpack on Fedora 15\";\ntag_insight = \"Eases web-request routing, handling, and response as a half-way front,\n half-way page controller. Implemented with specific emphasis on enabling easy\n unit/integration testing that doesn't require a browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082316.html\");\n script_id(864461);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:37:33 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-2660\", \"CVE-2012-1099\", \"CVE-2011-4319\", \"CVE-2011-2197\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-8912\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-8912\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-actionpack\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.5~8.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2011-2197", "CVE-2012-2660"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:1361412562310864461", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864461", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-8912", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-8912\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082316.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864461\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:37:33 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-2660\", \"CVE-2012-1099\", \"CVE-2011-4319\", \"CVE-2011-2197\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-8912\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-8912\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionpack'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"rubygem-actionpack on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.5~8.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2018-01-06T13:06:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1099", "CVE-2011-4319", "CVE-2012-2660", "CVE-2012-1098"], "description": "Check for the Version of rubygem-actionpack", "modified": "2018-01-04T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:864444", "href": "http://plugins.openvas.org/nasl.php?oid=864444", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2012-8883", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2012-8883\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rubygem-actionpack on Fedora 16\";\ntag_insight = \"Eases web-request routing, handling, and response as a half-way front,\n half-way page controller. Implemented with specific emphasis on enabling easy\n unit/integration testing that doesn't require a browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082226.html\");\n script_id(864444);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:44:08 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2012-2660\", \"CVE-2012-1098\", \"CVE-2012-1099\", \"CVE-2011-4319\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-8883\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2012-8883\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-actionpack\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~3.0.10~6.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "github": [{"lastseen": "2020-03-10T23:26:17", "bulletinFamily": "software", "cvelist": ["CVE-2011-4319"], "description": "Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an \"html\" substring.", "edition": 2, "modified": "2019-07-03T21:02:00", "published": "2017-10-24T18:33:38", "id": "GHSA-XXR8-833V-C7WC", "href": "https://github.com/advisories/GHSA-xxr8-833v-c7wc", "title": "Moderate severity vulnerability that affects rails", "type": "github", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-01-25T22:34:25", "published": "2012-01-25T22:34:25", "id": "FEDORA:48F8B200DF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-2.fc16", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2197", "CVE-2011-4319"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-01-25T22:34:43", "published": "2012-01-25T22:34:43", "id": "FEDORA:AFC4820E15", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: rubygem-actionpack-3.0.5-5.fc15", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2197", "CVE-2011-4319", "CVE-2012-1099"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-03-17T23:51:39", "published": "2012-03-17T23:51:39", "id": "FEDORA:CC91B21827", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: rubygem-actionpack-3.0.5-6.fc15", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319", "CVE-2012-1098", "CVE-2012-1099"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-03-17T23:41:07", "published": "2012-03-17T23:41:07", "id": "FEDORA:79C4F20EDE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-3.fc16", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2197", "CVE-2011-4319", "CVE-2012-1099", "CVE-2012-2660"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-06-15T12:33:31", "published": "2012-06-15T12:33:31", "id": "FEDORA:B5E2821466", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: rubygem-actionpack-3.0.5-8.fc15", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319", "CVE-2012-1098", "CVE-2012-1099", "CVE-2012-2660"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-06-15T00:29:09", "published": "2012-06-15T00:29:09", "id": "FEDORA:1946120C02", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-6.fc16", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319", "CVE-2012-1098", "CVE-2012-1099", "CVE-2012-2660", "CVE-2012-2694"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-06-30T08:26:22", "published": "2012-06-30T08:26:22", "id": "FEDORA:4559220F4C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-7.fc16", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319", "CVE-2012-1098", "CVE-2012-1099", "CVE-2012-2660", "CVE-2012-2694", "CVE-2012-3424"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-08-09T23:26:17", "published": "2012-08-09T23:26:17", "id": "FEDORA:8AEB121931", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-8.fc16", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319", "CVE-2012-1098", "CVE-2012-1099", "CVE-2012-2660", "CVE-2012-2694", "CVE-2012-3424", "CVE-2012-3463", "CVE-2012-3464", "CVE-2012-3465"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2012-08-22T20:58:55", "published": "2012-08-22T20:58:55", "id": "FEDORA:68E0120EF2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-9.fc16", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4319", "CVE-2012-1098", "CVE-2012-1099", "CVE-2012-2660", "CVE-2012-2694", "CVE-2012-3424", "CVE-2012-3463", "CVE-2012-3464", "CVE-2012-3465", "CVE-2013-0155", "CVE-2013-0156"], "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "modified": "2013-01-23T01:34:00", "published": "2013-01-23T01:34:00", "id": "FEDORA:0132C20F1D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-10.fc16", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}