12 matches found
SUSE CVE-2013-2119
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...
Mageia: Security Advisory (MGASA-2013-0205)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : rubygem-passenger (RHSA-2013:1136)
Updated rubygem-passenger packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
CVE-2013-2119
Phusion Passenger gem vulnerability (CVE-2013-2119) affects Phusion Passenger for Ruby, specifically the gem versions before 3.0.21 and 4.0.x before 4.0.5. The issue arises from insecure handling of temporary directories/files in /tmp, where a local attacker can pre-create a predictable temporary...
Moderate: Red Hat Security Advisory: rubygem-passenger security update
Updated rubygem-passenger packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Fedora Update for rubygem-passenger FEDORA-2013-13234
Check for the Version of rubygem-passenger OpenVAS Vulnerability Test Fedora Update for rubygem-passenger FEDORA-2013-13234 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for rubygem-passenger FEDORA-2013-13234
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 17 : rubygem-passenger-3.0.21-1.fc17 (2013-9771)
Update to version 3.0.21 - Fix for CVE-2013-2119 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
MGASA-2013-0205 Updated rubygem-passenger package fixes CVE-2013-2119
Phusion Passengers code did not always create temporary files and directories in a secure manner. Temporary files and directories were sometimes created with a predictable filename. A local attacker can pre-create temporary files, resulting in a denial of service. In addition, this vulnerability...
Updated rubygem-passenger package fixes CVE-2013-2119
Phusion Passengers code did not always create temporary files and directories in a secure manner. Temporary files and directories were sometimes created with a predictable filename. A local attacker can pre-create temporary files, resulting in a denial of service. In addition, this vulnerability...
Fedora Update for rubygem-passenger FEDORA-2013-9789
Check for the Version of rubygem-passenger OpenVAS Vulnerability Test Fedora Update for rubygem-passenger FEDORA-2013-9789 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2013-2119 rubygem-passenger: incorrect temporary file usage
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...