Moderate: Red Hat Security Advisory: ruby193-ruby, rubygem-json and rubygem-rdoc security update

Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a...

DSA-2609-1 rails - SQL query manipulation

Bulletin has no description...

Fedora Update for xchat-ruby FEDORA-2012-1334

Check for the Version of xchat-ruby OpenVAS Vulnerability Test Fedora Update for xchat-ruby FEDORA-2012-1334 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for xchat-ruby FEDORA-2012-1325

Check for the Version of xchat-ruby OpenVAS Vulnerability Test Fedora Update for xchat-ruby FEDORA-2012-1325 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

[SECURITY] Fedora 15 Update: xchat-ruby-1.2-11.fc15

For those of us that prefer the Ruby programming language above all others, the XChat-Ruby Plugin now allows X-Chat plugins to be written in Ruby, in addition to the other supported scripting interfaces. This means that, for the first time, you can use a purely object-oriented language in which t...

[SECURITY] Fedora 16 Update: xchat-ruby-1.2-11.fc16

For those of us that prefer the Ruby programming language above all others, the XChat-Ruby Plugin now allows X-Chat plugins to be written in Ruby, in addition to the other supported scripting interfaces. This means that, for the first time, you can use a purely object-oriented language in which t...

Ruby 1.9 - regex engine Remote Socket Memory Leak

------------------------------------------------------- Language : Ruby Web Site: www.ruby-lang.org Platform: All Bug: Remote Socket Memory Leak Products Affected: 1.8 series: - 1.8.5 and all prior versions - 1.8.6-p286 and all prior versions - 1.8.7-p71 and all prior versions 1.9 series - r18423...

lovecms-update.txt

!/usr/bin/ruby Exploit by PoMdaPiMp! --------------------- pomdapimpatgmaildotcom LoveCMS Exploit Series Episode 3: changing site settings ... Description: Simply change the site settings ! Usage: ./LoveCMS3settings.rb Ex: ./LoveCMS2themes.rb http://site.com/lovecms/ Tested on: lovecms1.6.2final...

[SECURITY] [DSA 1410-1] New ruby1.8 packages fix insecure SSL certificate validation

------------------------------------------------------------------------ Debian Security Advisory DSA-1410-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 24, 2007 http://www.debian.org/security/faq -...

CVE-2005-1992

Overview The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands. Remediation There is no fixed version for ruby. References - Blade.nagaokaut.ac.jp...