3 matches found
CVE-2014-5001
lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the 1 mysqldump, 2 pgdump, 3 mysql, and 4 psql command lines, which allows local users to obtain sensitive information by listing the processes...
CVE-2014-5001
lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the 1 mysqldump, 2 pgdump, 3 mysql, and 4 psql command lines, which allows local users to obtain sensitive information by listing the processes...
CVE-2014-5001
CVE-2014-5001 affects the Ruby gem kcapifony (version 2.1.6) via the file lib/ksymfony1.rb . The underlying issue is that the program places database user passwords on the command line for the tools mysqldump , pg_dump , mysql , and psql , which allows local users to obtain sensitive information ...