EUVD-2017-0171

Malware in sbrugna...

Foreman rubygem-safemode security bypass vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A security vulnerability exists in rubygem-safemode in Foreman 1.3.2 and earlier versions. An attacker c...

CVE-2017-7540

rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...

CVE-2017-7540

rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...

Privilege escalation

rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...

CVE-2017-7540

The CVE-2017-7540 entry concerns rubygem-safemode used by Foreman up to v1.3.2. Concrete details in connected documents indicate a bypass of safe mode restrictions via special Ruby syntax, allowing deletion of objects without delete permissions and potential privilege escalation. Affected compone...

CVE-2017-7540

rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...