Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310864987
HistoryJan 15, 2013 - 12:00 a.m.

Fedora Update for rubygem-activerecord FEDORA-2013-0244

2013-01-1500:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
12

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.177 Low

EPSS

Percentile

96.1%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096787.html");
  script_oid("1.3.6.1.4.1.25623.1.0.864987");
  script_version("2023-06-22T10:34:14+0000");
  script_tag(name:"last_modification", value:"2023-06-22 10:34:14 +0000 (Thu, 22 Jun 2023)");
  script_tag(name:"creation_date", value:"2013-01-15 18:05:36 +0530 (Tue, 15 Jan 2013)");
  script_cve_id("CVE-2012-6496", "CVE-2012-2695", "CVE-2012-2661");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_xref(name:"FEDORA", value:"2013-0244");
  script_name("Fedora Update for rubygem-activerecord FEDORA-2013-0244");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'rubygem-activerecord'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC16");
  script_tag(name:"affected", value:"rubygem-activerecord on Fedora 16");
  script_tag(name:"solution", value:"Please install the updated package(s).");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC16")
{

  if ((res = isrpmvuln(pkg:"rubygem-activerecord", rpm:"rubygem-activerecord~3.0.10~4.fc16", rls:"FC16")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

openvas 36
fedora 13
osv 4
debiancve 3
cve 5
github 4
nessus 20
ubuntucve 3
prion 4
gitlab 3
rubygems 2
suse 7
seebug 3
gentoo 1
veracode 6
checkpoint_advisories 1
redhat 3
freebsd 1
ibm 1
securityvulns 1
openvas
openvas
Fedora Update for rubygem-activerecord FEDORA-2013-0245
2013-01-15 00:00:00
Fedora Update for rubygem-activerecord FEDORA-2013-0244
2013-01-15 00:00:00
Fedora Update for rubygem-activerecord FEDORA-2013-0245
2013-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: rubygem-activerecord-3.0.10-4.fc16
2013-01-15 02:22:33
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-4.fc17
2013-01-15 02:31:35
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-3.fc17
2012-06-30 08:27:28
osv
osv
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
Active Record vulnerable to SQL Injection via nested query parameters
2017-10-24 18:33:38
Active Record contains SQL Injection
2017-10-24 18:33:37
debiancve
debiancve
CVE-2012-2661
2012-06-22 14:55:00
CVE-2012-6496
2013-01-04 04:46:00
CVE-2012-6497
2013-01-04 04:46:00
cve
cve
CVE-2012-2661
2012-06-22 14:55:00
CVE-2012-2695
2012-06-22 14:55:00
CVE-2012-6496
2013-01-04 04:46:00
github
github
Active Record vulnerable to SQL Injection via nested query parameters
2017-10-24 18:33:38
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
Active Record contains SQL Injection
2017-10-24 18:33:37
nessus
nessus
Fedora 16 : rubygem-activerecord-3.0.10-3.fc16 (2012-9639)
2012-07-01 00:00:00
Fedora 17 : rubygem-activerecord-3.0.11-3.fc17 (2012-9635)
2012-07-01 00:00:00
openSUSE Security Update : rubygem-actionmailer-3_2 / rubygem-actionpack-3_2 / rubygem-activemodel-3_2 / etc (openSUSE-SU-2012:1066-1)
2014-06-13 00:00:00
ubuntucve
ubuntucve
CVE-2012-2695
2012-06-22 00:00:00
CVE-2012-2661
2012-06-22 00:00:00
CVE-2012-6496
2013-01-04 00:00:00
prion
prion
Sql injection
2012-06-22 14:55:00
Sql injection
2012-06-22 14:55:00
Sql injection
2013-01-04 04:46:00
gitlab
gitlab
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2017-10-24 00:00:00
Ruby on Rails find_by_* Methods Authlogic SQL Injection Bypass
2013-01-03 00:00:00
SQL injection vulnerability in Active Record
2012-06-22 00:00:00
rubygems
rubygems
CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters
2012-05-30 20:00:00
SQL Injection Vulnerability in Ruby on Rails
2017-10-23 21:00:00
suse
suse
Security update for rubygem-actionpack (important)
2012-08-21 19:08:38
Security update for rubygem-activerecord (important)
2012-08-21 20:08:28
Security update for rubygem-activerecord (important)
2012-08-21 19:08:36
seebug
seebug
Ruby on Rails Active Record组件SQL注入漏洞(CVE-2012-6496)
2013-01-05 00:00:00
SQL Injection Vulnerability in Ruby on Rails
2012-06-01 00:00:00
Ruby on Rails嵌套参数SQL注入漏洞
2012-06-16 00:00:00
gentoo
gentoo
Active Record: SQL injection
2014-01-21 00:00:00
veracode
veracode
SQL Command Injection
2019-01-15 08:53:39
Arbitrary File Overwrite
2019-05-02 04:52:24
Carriage Return And Line Feed (CRLF) Injection
2019-05-02 04:52:21
checkpoint_advisories
checkpoint_advisories
Ruby on Rails Hash SQL Injection (CVE-2012-2695)
2012-10-14 00:00:00
redhat
redhat
(RHSA-2013:0154) Critical: Ruby on Rails security update
2013-01-10 20:37:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
(RHSA-2013:0220) Important: Red Hat OpenShift Enterprise 1.1 update
2013-01-31 00:00:00
freebsd
freebsd
rubygem-activerecord -- multiple vulnerabilities
2012-05-31 00:00:00
ibm
ibm
Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)
2021-01-25 20:13:51
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-01-10 00:00:00

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.177 Low

EPSS

Percentile

96.1%

JSON
Related for OPENVAS:1361412562310864987
openvas36fedora13osv4debiancve3cve5github4nessus20ubuntucve3prion4gitlab3rubygems2suse7seebug3gentoo1veracode6checkpoint_advisories1redhat3freebsd1ibm1securityvulns1