5 matches found

OpenVAS
added 2010/05/12 12:0 a.m. | 272 views

Mac OS X Security Update 2007-009

The remote host is missing Security Update 2007-009. One or more of the following components are affected: Address Book, CFNetwork, ColorSync, Core Foundation, CUPS, Desktop Services, Flash Player Plug-in, GNU Tar, iChat, IO Storage Family, Launch Services, Mail, perl, python, Quick Look, ruby, Safari, Safari RSS...

CVSS: 10 | AI score: 8.6 | EPSS: 0.70386 | Exploits: 24
OpenVAS
added 2009/12/30 12:0 a.m. | 62 views

Gentoo Security Advisory GLSA 200912-02 (rails)

The remote host is missing updates announced in advisory GLSA 200912-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS: 7.5 | AI score: 0.7 | EPSS: 0.0808 | Exploits: 5
FreeBSD
added 2007/11/24 12:0 a.m. | 39 views

rubygem-rails -- session-fixation vulnerability

Rails core team reports: The rails core team has released ruby on rails 1.2.6 to address a bug in the fix for session fixation attacks CVE-2007-5380. The CVE Identifier for this new issue is CVE-2007-6077...

CVSS: 6.8 | AI score: 6.4 | EPSS: 0.03576 | Exploits: 0
UbuntuCve
added 2007/11/21 9:46 p.m. | 26 views

CVE-2007-6077

The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute from the DEFAULT_SESSION_OPTIONS constant, which effectively causes cookie_only to be applied only to the first instantiation of CgiRequest, which allows remote...

CVSS: 6.8 | AI score: 5.9 | EPSS: 0.02512 | Exploits: 0 | References: 3
CVE
added 2007/11/21 9:0 p.m. | 106 views

CVE-2007-6077

The CVE-2007-6077 issue affects Ruby on Rails (Rails 1.2.4) in the session handling code: the session fixation protection in cgi_process.rb removes the :cookie_only attribute from DEFAULT_SESSION_OPTIONS, causing cookie_only to apply only to the first CgiRequest instance. This enables remote atta...

CVSS: 6.8 | AI score: 9.5 | EPSS: 0.02512 | Exploits: 0 | References: 11 | Affected Software: 1