FreeBSD : rubygem-rails -- multiple vulnerabilities (be77eff6-ca91-11e0-aea3-00215c6a37bb)
SecurityFocus reports: Ruby on Rails is prone to multiple vulnerabilities including SQL-injection, information-disclosure, HTTP-header-injection, security-bypass and cross-site scripting issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
FreeBSD : rubygem-rails -- SQL injection vulnerability (8e8b8b94-7f1d-11dd-a66a-0019666436c2)
Jonathan Weiss reports that it is possible to perform a SQL injection in Rails applications via not correctly sanitized :limit and :offset parameters. It is possible to change arbitrary values in affected tables or gain access to the sensitive data. (C) Tenable Network Security...
Fedora Update for rubygem-rails FEDORA-2008-8322
Check for the Version of rubygem-rails. OpenVAS Vulnerability Test: Fedora Update for rubygem-rails FEDORA-2008-8322. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-rails FEDORA-2008-8322
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Fedora Update for rubygem-rails FEDORA-2008-8282
Check for the Version of rubygem-rails. OpenVAS Vulnerability Test: Fedora Update for rubygem-rails FEDORA-2008-8282. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-rails FEDORA-2008-8282
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
[SECURITY] Fedora 8 Update: rubygem-rails-2.1.1-2.fc8
Rails is a framework for building web applications using CGI, FCGI, mod_ruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. VID 8e8b8b94-7f1d-11dd-a66a-0019666436c2. OpenVAS Vulnerability Test. Description: Auto generated from VID 8e8b8b94-7f1d-11dd-a66a-0019666436c2. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. VID 44fb0302-9d38-11dc-9114-001c2514716c. OpenVAS Vulnerability Test. Description: Auto generated from vuxml or freebsd advisories. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. VID 30acb8ae-9d46-11dc-9114-001c2514716c. OpenVAS Vulnerability Test. Description: Auto generated from vuxml or freebsd advisories. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. VID 90064567-28b1-11db-844d-000c6ec775d9. OpenVAS Vulnerability Test. Description: Auto generated from vuxml or freebsd advisories. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc...
FreeBSD : rubygem-rails -- session-fixation vulnerability (30acb8ae-9d46-11dc-9114-001c2514716c)
Rails core team reports: The rails core team has released ruby on rails 1.2.6 to address a bug in the fix for session fixation attacks (CVE-2007-5380). The CVE Identifier for this new issue is CVE-2007-6077. (C) Tenable Network Security, Inc. The descriptive text and package chec...
FreeBSD : rubygem-rails -- JSON XSS vulnerability (44fb0302-9d38-11dc-9114-001c2514716c)
Rails core team reports: All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5, though it isn't strictly necessary if you aren't working with JSON. For more information on the JSON vulnerability, see CVE-2007-3227. (C) Tenable Network Security, Inc. The descriptive...