RedHat Update for ruby RHSA-2011:0910-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-2649

Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call...

RHEL 5 : ruby (RHSA-2011:0909)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0909 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...

Ruby: Symlink race condition by removing directory trees in fileutils module

The FileUtils.removeentrysecure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

Mandriva Update for ruby MDVSA-2011:097 (ruby)

Check for the Version of ruby OpenVAS Vulnerability Test Mandriva Update for ruby MDVSA-2011:097 ruby Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

[ MDVSA-2011:097 ] ruby

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:097 http://www.mandriva.com/security/ Package : ruby Date : May 23, 2011 Affected: 2009.0, 2010.1, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been identified and fixed in ruby:...

Ruby 'FileUtils.remove_entry_secure()' Method Race Condition Vulnerability

Ruby is prone to race condition vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ruby-lang:ruby"; ifdescription...

CVE-2011-1004

The FileUtils.removeentrysecure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

Authorization

The FileUtils.removeentrysecure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

CVE-2011-1004

The FileUtils.removeentrysecure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module

The FileUtils.removeentrysecure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack...

[SECURITY] Fedora 12 Update: coreutils-7.6-8.fc12

These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages...

[SECURITY] Fedora 11 Update: coreutils-7.2-5.fc11

These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages...

Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)

!/usr/bin/ruby c 2006 LMH . require 'fileutils' require 'zlib' hdiutil = "/usr/bin/hdiutil" dmgname = ARGV0 || "MOAB-09-01-2007.dmg" dmgsize = ARGV1 || "200k" filesys = ARGV2 || "UFS" volname = "" 255.times do volname i = Kernel.rand62; i += i 10 ? 48 : i 36 ? 55 : 61 .chr end FileUtils.rmfdmgnam...

fileutils security update

CentOS Errata and Security Advisory CESA-2005:470-04 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-July/074099.html Affected packages: fileutils...

Mandrake Linux Security Advisory : fileutils (MDKSA-2002:031)

Wojciech Purczynski reported a race condition in some utilities in the GNU fileutils package that may cause root to delete the entire filesystem. This only affects version 4.1 stable and 4.1.6 development versions, and the authors have fixed this in the latest development version. %NASLMINLEVEL...

CVE-2003-0854

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd...

CVE-2003-0853

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd...

CVE-2003-0854

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd...

DEBIAN-CVE-2003-0854

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd...