12 matches found
[SECURITY] [DSA 2783-2] librack-ruby regression update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2783-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 24, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2783-2] librack-ruby regression update
-------------------------------------------------------------------------- Debian Security Advisory DSA-2783-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 24, 2013 http://www.debian.org/security/faq -...
Debian DSA-2783-1 : librack-ruby - several vulnerabilities
Several vulnerabilities were discovered in Rack, a modular Ruby webserver interface. The Common Vulnerabilites and Exposures project identifies the following vulnerabilities : - CVE-2011-5036 Rack computes hash values for form parameters without restricting the ability to trigger hash collisions...
[SECURITY] [DSA 2783-1] librack-ruby security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2783-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 21, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2783-1 (librack-ruby - several vulnerabilities)
Several vulnerabilities were discovered in Rack, a modular Ruby webserver interface. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-5036 Rack computes hash values for form parameters without restricting the ability to trigger hash collisions...
Fedora Update for rubygem-rack FEDORA-2013-0896
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
GLSA-201203-05 : Rack: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201203-05 Rack: Denial of Service Rack does not properly randomize hash functions to protect against hash collision attacks. Impact : A remote attacker could send a specially crafted form post, possibly resulting in a Denial of...
FreeBSD Ports: jruby
The remote host is missing an update to the system as announced in the referenced advisory. VID 91be81e7-3fea-11e1-afc7-2c4138874f7d OpenVAS Vulnerability Test $ Description: Auto generated from VID 91be81e7-3fea-11e1-afc7-2c4138874f7d Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
FreeBSD Ports: jruby
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora Update for rubygem-rack FEDORA-2012-0233
Check for the Version of rubygem-rack OpenVAS Vulnerability Test Fedora Update for rubygem-rack FEDORA-2012-0233 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-rack FEDORA-2012-0233
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-5036
Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...