Lucene search
RubySecRUBY:PARATROOPER-PINGDOM-2014-1233-101847HistoryDec 25, 2013 - 8:00 p.m.
paratrooper-pingdom Gem for Ruby /lib/paratrooper-pingdom.rb API Login Credentials Local Disclosure
2013-12-2520:00:00
RubySec
nvd.nist.gov
21
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
paratrooper-pingdom Gem for Ruby contains a flaw in
/lib/paratrooper-pingdom.rb. The issue is triggered when the script exposes
API login credentials, allowing a local attacker to gain access to the API
key, username, and password for the API login by monitoring the process tree.
References
Related
nvd
nvd
CVE-2014-1233
2014-01-10 12:02:51
cvelist
cvelist
CVE-2014-1233
2014-01-10 11:00:00
prion
prion
Default credentials
2014-01-10 12:02:00
github
github
Local API Login Credentials Disclosure in paratrooper-pingdom
2017-10-24 18:33:36
osv
osv
Local API Login Credentials Disclosure in paratrooper-pingdom
2017-10-24 18:33:36
cve
cve
CVE-2014-1233
2014-01-10 12:02:51
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Related for RUBY:PARATROOPER-PINGDOM-2014-1233-101847