
35 matches found

OpenVAS
added 2015/09/08 12:0 a.m. | 29 views

Amazon Linux: Security Advisory (ALAS-2012-139)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 7 | EPSS 0.02619
Exploits 1 | References 2

Tenable Nessus
added 2014/06/13 12:0 a.m. | 36 views

openSUSE Security Update : ruby / ruby19 (openSUSE-SU-2012:1443-1)

This update of ruby fixed multiple SAFE level bypass flaws. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-763. The text description of this plugin is (C) SUSE LLC...

CVSS 5 | AI score 7.7 | EPSS 0.02619
Exploits 1 | References 5

Tenable Nessus
added 2014/06/13 12:0 a.m. | 37 views

openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)

ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 (bnc#802406) - XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256) - for other changes see /usr/share/doc/packages/ruby19/Changelog. Update to 1.9.3 p327 (bnc#789983) - CVE-2012-5371 and plenty of other fixes...

CVSS 5 | AI score 7.8 | EPSS 0.03622
Exploits 2 | References 10

Tenable Nessus
added 2013/09/04 12:0 a.m. | 35 views

Amazon Linux AMI : ruby (ALAS-2012-139)

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than...

CVSS 5 | AI score 8 | EPSS 0.02619
Exploits 1 | References 2

OpenVAS
added 2013/05/31 12:0 a.m. | 29 views

Fedora Update for ruby FEDORA-2013-8411

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2013-8411 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

CVSS 6.4 | AI score 6.1 | EPSS 0.03357
Exploits 3 | References 2

seebug.org
added 2013/04/28 12:0 a.m. | 41 views

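Ruby Safe-Level Restriction Bypass Vulnerability (CVE-2012-4466)

CVE ID: CVE-2012-4466 Ruby is a scripting language created for simple and fast object-oriented programming. Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and Ruby 2.0 before revision r37068 contain a security vulnerability that allows attackers to bypass safe-level restrictions and modify untainted strings, for example by marking a string as tainted via the name_err_mesg_to_str function. This vulnerability is different from CVE-2011-1005. 0 Ruby 1.8.7 Ruby 1.9.3 Ruby 2.0 Vendor solution: Users can contact the vendor to obtain the corresponding upgrade or patch: http://www.ruby-lang....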

CVSS 5 | AI score 0.1 | EPSS 0.02772
Exploits 2

NVD
added 2013/04/25 11:55 p.m. | 34 views

CVE-2012-4464

Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...

CVSS 5 | AI score 6.6 | EPSS 0.0218
Exploits 0 | References 7

Prion
added 2013/04/25 11:55 p.m. | 23 views

Design/Logic Flaw

Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...

CVSS 5 | AI score 6.6 | EPSS 0.02772
Exploits 2 | References 7 | Affected Software 1

CVE
added 2013/04/25 11:0 p.m. | 100 views

CVE-2012-4466

CVE-2012-4466 affects Ruby 1.8.7 before patchlevel 371, Ruby 1.9.3 before patchlevel 286, and Ruby 2.0 before revision r37068. The issue allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via name_err_mesg_to_str, tainting handling for strings. This ...

CVSS 5 | AI score 5.8 | EPSS 0.02619
Exploits 1 | References 9 | Affected Software 1

Tenable Nessus
added 2013/04/20 12:0 a.m. | 31 views

Mandriva Linux Security Advisory : ruby (MDVSA-2013:124)

Updated ruby packages fix security vulnerabilities: Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions (CVE-2012-4466, CVE-2012-4481). It was...

CVSS 5 | AI score 8 | EPSS 0.06617
Exploits 1 | References 3

Tenable Nessus
added 2013/04/04 12:0 a.m. | 28 views

SuSE 10 Security Update : ruby (ZYPP Patch Number 8524)

The ruby interpreter received a fix for two security issues: - Ruby's $SAFE mechanism enables untrusted user codes to run in $SAFE >= 4 mode. This is a kind of sandboxing so some operations are restricted in that mode to protect other data outside the sandbox. (CVE-2012-4466) The problem found was...

CVSS 5 | AI score 8.1 | EPSS 0.06617
Exploits 3 | References 10

Tenable Nessus
added 2013/03/13 12:0 a.m. | 37 views

SuSE 11.2 Security Update : ruby (SAT Patch Number 7386)

The ruby interpreter received a fix for a security issue: - Ruby's $SAFE mechanism enables untrusted user codes to run in $SAFE >= 4 mode. This is a kind of sandboxing so some operations are restricted in that mode to protect other data outside the sandbox. (CVE-2012-4466) The problem found was...

CVSS 5 | AI score 8 | EPSS 0.02619
Exploits 2 | References 7

OpenVAS
added 2013/03/08 12:0 a.m. | 28 views

Fedora Update for ruby FEDORA-2013-3038

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected", value:"rub...

CVSS 5 | AI score 6.4 | EPSS 0.03357
Exploits 2 | References 2

OpenVAS
added 2012/11/19 12:0 a.m. | 27 views

Fedora Update for ruby FEDORA-2012-18017

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2012-18017 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVSS 5 | AI score 6 | EPSS 0.03357
Exploits 2 | References 2

OpenVAS
added 2012/10/31 12:0 a.m. | 33 views

Ubuntu Update for ruby1.8 USN-1603-2

Ubuntu Update for Linux kernel vulnerabilities USN-1603-2 OpenVAS Vulnerability Test $Id: gb_ubuntu_USN_1603_2.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ruby1.8 USN-1603-2 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

CVSS 5 | AI score 6 | EPSS 0.02619
Exploits 1 | References 2

Ubuntu
added 2012/10/23 12:1 a.m. | 64 views

USN-1603-2: Ruby vulnerabilities

USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Original advisory details: Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to...

CVSS 5 | AI score 8 | EPSS 0.02619
Exploits 1

Ubuntu
added 2012/10/23 12:1 a.m. | 58 views

USN-1614-1: Ruby vulnerabilities

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...

CVSS 5 | AI score 8 | EPSS 0.02619
Exploits 2

Tenable Nessus
added 2012/10/23 12:0 a.m. | 38 views

Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1614-1)

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...

CVSS 5 | AI score 8 | EPSS 0.02619
Exploits 2 | References 4

Tenable Nessus
added 2012/10/23 12:0 a.m. | 30 views

Ubuntu 12.10 : ruby1.8 vulnerabilities (USN-1603-2)

USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access...

CVSS 5 | AI score 8 | EPSS 0.02619
Exploits 1 | References 3

OpenVAS
added 2012/10/23 12:0 a.m. | 27 views

Fedora Update for ruby FEDORA-2012-16086

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2012-16086 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVSS 5 | AI score 5.9 | EPSS 0.02619
Exploits 2 | References 2