4 matches found
kajam allows local users to obtain sensitive information by listing the process
vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the 1 mysqldump command line in the capture function and 2 mysql command line in the restore function, which allows local users to obtain sensitive information by listing the...
Command injection
test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-4999
vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the 1 mysqldump command line in the capture function and 2 mysql command line in the restore function, which allows local users to obtain sensitive information by listing the...
CVE-2014-4998
test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...