24 matches found
Debian: Security Advisory (DSA-2260-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 2301-2 (rails)
The remote host is missing an update to rails announced via advisory DSA 2301-2. OpenVAS Vulnerability Test $Id: deb23012.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2301-2 rails Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
[SECURITY] [DSA 2301-2] rails regression
------------------------------------------------------------------------- Debian Security Advisory DSA-2392-1 [email protected] http://www.debian.org/security/ January 23, 2012 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package...
Debian: Security Advisory (DSA-2301-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2301-1] rails security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2301-1 [email protected] http://www.debian.org/security/ Luciano Bello September 5, 2011 http://www.debian.org/security/faq -...
DSA-2301-1 rails - several
Bulletin has no description...
Debian DSA-2260-1 : rails - several vulnerabilities
Two vulnerabilities were discovered in Ruby on Rails, a web application framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3086 The cookie store may be vulnerable to a timing attack, potentially allowing remote attackers to forge message...
[SECURITY] [DSA 2259-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2260-1 [email protected] http://www.debian.org/security/ Florian Weimer June 14, 2011 http://www.debian.org/security/faq -...
openSUSE Security Update : rubygem-actionpack-2_3 (rubygem-actionpack-2_3-1934)
This update of rubygems fixes two vulnerabilities : - CVE-2008-7248: CVSS v2 Base Score: 4.3 Rails CSRF protection can be bypassed by using special content-types for a HTTP request. - CVE-2009-4214: CVSS v2 Base Score: 4.3 The method striptags does not completely protect against XSS attacks...
openSUSE Security Update : rubygem-actionpack (rubygem-actionpack-1946)
This update of rubygems fixes two vulnerabilities : - CVE-2008-7248: CVSS v2 Base Score: 4.3 Rails CSRF protection can be bypassed by using special content-types for a HTTP request. - CVE-2009-4214: CVSS v2 Base Score: 4.3 The method striptags does not completely protect against XSS attacks...
openSUSE Security Update : rubygem-actionpack (rubygem-actionpack-1946)
This update of rubygems fixes two vulnerabilities : - CVE-2008-7248: CVSS v2 Base Score: 4.3 Rails CSRF protection can be bypassed by using special content-types for a HTTP request. - CVE-2009-4214: CVSS v2 Base Score: 4.3 The method striptags does not completely protect against XSS attacks...
Gentoo Security Advisory GLSA 200912-02 (rails)
The remote host is missing updates announced in advisory GLSA 200912-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Fedora Core 12 FEDORA-2009-13393 (rubygem-actionpack)
The remote host is missing an update to rubygem-actionpack announced via advisory FEDORA-2009-13393. OpenVAS Vulnerability Test $Id: fcore200913393.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13393 rubygem-actionpack Authors: Thomas Reinke...
Fedora Core 12 FEDORA-2009-13393 (rubygem-actionpack)
The remote host is missing an update to rubygem-actionpack announced via advisory FEDORA-2009-13393. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...
Fedora Core 11 FEDORA-2009-13361 (rubygem-actionpack)
The remote host is missing an update to rubygem-actionpack announced via advisory FEDORA-2009-13361. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...
Fedora 11 : rubygem-actionpack-2.3.2-4.fc11 (2009-13361)
Fix CVE-2009-4214 bz 542786 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 12 : rubygem-actionpack-2.3.4-3.fc12 (2009-13393)
Fix CVE-2009-4214 bz 542786 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora Core 10 FEDORA-2009-12966 (rubygem-actionpack)
The remote host is missing an update to rubygem-actionpack announced via advisory FEDORA-2009-12966. OpenVAS Vulnerability Test $Id: fcore200912966.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12966 rubygem-actionpack Authors: Thomas Reinke...
Fedora Core 10 FEDORA-2009-12966 (rubygem-actionpack)
The remote host is missing an update to rubygem-actionpack announced via advisory FEDORA-2009-12966. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...
Fedora 10 : rubygem-actionpack-2.1.1-5.fc10 (2009-12966)
Two security issues are found on activepack shipped on Fedora 10. One bug is that there is a weakness in the striptags function in ruby on rails bug 542786, CVE-2009-4214. Another one is a possibility to circumvent protection against cross-site request forgery CSRF attacks bug 544329. This new rp...