Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2014/04/08 12:0 a.m.34 views

GLSA-201404-04 : Crack: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201404-04 Crack: Arbitrary code execution An XML parameter parsing vulnerability has been discovered in Crack. Impact : A remote attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service...

7.5CVSS6.1AI score0.04952EPSS
Exploits1References2
NVD
NVD
added 2013/04/09 8:55 p.m.48 views

CVE-2013-1800

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS7.1AI score0.04952EPSS
Exploits1References6
CVE
CVE
added 2013/04/09 8:0 p.m.119 views

CVE-2013-1800

CVE-2013-1800 concerns the crack gem for Ruby (0.3.1 and earlier). The issue arises from improper restriction of casts of string values, enabling potential object-injection and arbitrary code execution, or a denial of service, via Action Pack support for YAML type conversion or Symbol type conver...

7.5CVSS9.6AI score0.04952EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2013/04/09 8:0 p.m.58 views

CVE-2013-1800

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS6.7AI score0.04952EPSS
Exploits1
Rows per page
Query Builder