Lucene search
K

7 matches found

CVE
CVE
added 2024/02/23 6:55 p.m.15 views

CAN-2004-0755

CVE-2004-0755 relates to Ruby CGI::Session's FileStore creating session files with insecure permissions, potentially allowing session information leakage. The JVN entry describes the issue, noting improper file permissions in CGI::Session FileStore. Fedo ra advisories mention a security fix and p...

7.5AI score0.00364EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/11/09 12:0 a.m.23 views

Mandrake Linux Security Advisory : ruby (MDKSA-2004:128)

Andres Salomon noticed a problem with the CGI session management in Ruby. The CGI:Session's FileStore implementations store session information in an insecure manner by just creating files and ignoring permission issues CVE-2004-0755. The ruby developers have corrected a problem in the ruby CGI...

5CVSS7.3AI score0.01898EPSS
Exploits0References2
NVD
NVD
added 2004/10/20 4:0 a.m.15 views

CVE-2004-0755

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions...

2.1CVSS5.9AI score0.00364EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2004/10/20 4:0 a.m.14 views

CVE-2004-0755

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions...

2.1CVSS7.1AI score0.00364EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/10/15 12:0 a.m.21 views

Fedora Core 2 : ruby-1.8.1-6 (2004-264)

Thu Aug 19 2004 Akira TAGOH 1.8.1-6 - security fix CVE-2004-0755 - ruby-1.8.1-cgisessionperms.patch: sets the permission of the session data file to 0600. 130063 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

2.1CVSS7.2AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2004/08/19 4:0 a.m.69 views

CVE-2004-0755

The CVE concerns Ruby CGI::Session FileStore creating session files with insecure permissions, enabling local users to read session data and hijack sessions. Technical details across connected docs confirm: FileStore writes session files with improper permissions, enabling a local information lea...

2.1CVSS5.8AI score0.00364EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2004/08/19 4:0 a.m.24 views

CVE-2004-0755

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions...

5.8AI score0.00364EPSS
Exploits0References6
Rows per page
Query Builder