3 matches found
CVE-2014-1233
The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process...
CVE-2014-1233
The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process...
CVE-2014-1233
The CVE-2014-1233 vulnerability affects the paratrooper-pingdom gem for Ruby (version 1.0.0). The exposed code path demonstrates that setup/teardown routines invoke curl to Pingdom API, passing App-Key and basic auth (username:password) in commands. This enables a local attacker to monitor the pr...