10 matches found
EUVD-2017-0278
Malware in sbrugna...
GHSA-P65M-QR5X-RRQQ Webbynode Code Injection vulnerability
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growlnotify message...
Webbynode Code Injection vulnerability
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growlnotify message...
Command injection in Ruby Gem Webbynode 1.0.5.3
Title: Command injection in Ruby Gem Webbynode 1.0.5.3 Date: 11/11/2013 Author: Larry W. Cashdollar, @larry0 Download: http://rubygems.org/gems/webbynode Vulnerability Description: The following code located in: ./webbynode-1.0.5.3/lib/webbynode/notify.rb doesn't fully sanitize user supplied inpu...
CVE-2013-7086
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growlnotify message...
Design/Logic Flaw
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growlnotify message...
CVE-2013-7086
The CVE concerns the Webbynode Ruby gem. The affected component is the notify.rb in the Webbynode gem (version 1.0.5.3 and earlier). The root cause is improper handling of growlnotify messages, allowing context-dependent attackers to inject and execute arbitrary shell commands via metacharacters ...
CVE-2013-7086
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growlnotify message...
Webbynode Ruby Gems命令注入漏洞
Bugtraq ID:64289 CVE ID:CVE-2013-7086 Ruby Gem Webbynode是一款让用户部署应用至Webbynode平台的工具。 Ruby Gem Webbynode没有正确过滤通过growlnotify命令所提交的消息,如果消息中包含shell元字符,可以应用程序上下文执行任意命令。 0 Ruby Gem Webbynode 1.0.5.3 目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://rubygems.org/gems/webbynode...
Webbynode Gem for Ruby notify.rb growlnotify Message Handling Arbitrary Command Execution
Webbynode Gem for Ruby contains a flaw in notify.rb that is triggered when handling a specially crafted growlnotify message. This may allow a context-dependent attacker to execute arbitrary commands...