2 matches found
CVE-2014-4995
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed...
CVE-2014-4995
Vulnerability CVE-2014-4995 affects the VladTheEnterprising Ruby gem (version ~0.2); a race condition in lib/vlad/dba/mysql.rb allows local users to obtain the MySQL root password from a temporary file before it is removed. Related advisories describe insecure temporary file handling and potentia...