Package : rails
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0276 CVE-2013-0277
Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework
for web application development.
CVE-2013-0276
The blacklist provided by the attr_protected method could be
bypassed with crafted requests, having an application-specific
impact.
CVE-2013-0277
In some applications, the +serialize+ helper in ActiveRecord
could be tricked into deserializing arbitrary YAML data,
possibly leading to remote code execution.
For the stable distribution (squeeze), these problems have been fixed
in version 2.3.5-1.2+squeeze7.
We recommend that you upgrade your rails packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
{"id": "SECURITYVULNS:DOC:29058", "bulletinFamily": "software", "title": "[SECURITY] [DSA 2620-1] rails security update", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2620-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nFebruary 12, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : rails\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-0276 CVE-2013-0277\r\n\r\nTwo vulnerabilities were discovered in Ruby on Rails, a Ruby framework\r\nfor web application development.\r\n\r\nCVE-2013-0276\r\n\tThe blacklist provided by the attr_protected method could be\r\n\tbypassed with crafted requests, having an application-specific\r\n\timpact.\r\n\r\nCVE-2013-0277\r\n\tIn some applications, the +serialize+ helper in ActiveRecord\r\n\tcould be tricked into deserializing arbitrary YAML data,\r\n\tpossibly leading to remote code execution.\r\n\r\nFor the stable distribution (squeeze), these problems have been fixed\r\nin version 2.3.5-1.2+squeeze7.\r\n\r\nWe recommend that you upgrade your rails packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJRGrHZAAoJEL97/wQC1SS+MioH/3mCWr/isUqOa4xgITK7PheV\r\nhlWnwSBhKK9Yc6s25Nb6tK1qUgsiHTWOviEmKuMoEPWQicj9JNvl8C5sf8iiFGlM\r\nswAgdN43TZY7s7ohZuttW6bnvJRiWxLcP60qlVlN2IBGsdxY2kGz25L7l3wOEqsp\r\nwluacV5sUBBDAi9HJ2Fle3PvW3LbVv4HthpHyILXONgm97dCgB8ZjFRqWm50piIo\r\n5QTZjrcGmCdjWwLKzd/s+xwoaMF1keU7lRsMlEBicESb4h8qd4fKOXxbDjO3MdSR\r\nsH71oJgihBzC2GYTNjwjSia1KeOhkaSwBAuZqvf4ihsovKiwiQ7Ajh1eJkJkCbA=\r\n=wTxl\r\n-----END PGP SIGNATURE-----\r\n", "published": "2013-02-18T00:00:00", "modified": "2013-02-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29058", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2013-0276", "CVE-2013-0277"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:47", "edition": 1, "viewCount": 27, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-0276", "CVE-2013-0277"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2620-1:C2977"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-0276", "DEBIANCVE:CVE-2013-0277"]}, {"type": "fedora", "idList": ["FEDORA:6035420AD7", "FEDORA:A683320E82", "FEDORA:C3FBF20AD7"]}, {"type": "freebsd", "idList": ["BEAB40BF-C1CA-4D2B-AD46-2F14BAC8A968"]}, {"type": "gentoo", "idList": ["GLSA-201412-28"]}, {"type": "github", "idList": ["GHSA-FHJ9-CJJH-27VM", "GHSA-GR44-7GRC-37VQ"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2620.NASL", "FEDORA_2013-2351.NASL", "FEDORA_2013-2391.NASL", "FEDORA_2013-2398.NASL", "FREEBSD_PKG_BEAB40BFC1CA4D2BAD462F14BAC8A968.NASL", "GENTOO_GLSA-201412-28.NASL", "MACOSX_SECUPD2013-002.NASL", "OPENSUSE-2013-152.NASL", "REDHAT-RHSA-2013-0582.NASL", "REDHAT-RHSA-2013-0686.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121314", "OPENVAS:1361412562310804062", "OPENVAS:1361412562310865364", "OPENVAS:1361412562310865365", "OPENVAS:1361412562310865378", "OPENVAS:1361412562310892620", "OPENVAS:865364", "OPENVAS:865365", "OPENVAS:865378", "OPENVAS:892620"]}, {"type": "redhat", "idList": ["RHSA-2013:0582", "RHSA-2013:0686"]}, {"type": "rubygems", "idList": ["RUBY:ACTIVERECORD-2013-0276-90072", "RUBY:ACTIVERECORD-2013-0277-90073"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29464", "SECURITYVULNS:VULN:12899", "SECURITYVULNS:VULN:13126"]}, {"type": "seebug", "idList": ["SSV:60662", "SSV:60663"]}, {"type": "suse", "idList": ["SUSE-SU-2013:0486-1", "SUSE-SU-2013:0606-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4578050E70C81D137F2430D701799EDA"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-0276", "UB:CVE-2013-0277"]}]}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2013-0276", "CVE-2013-0277"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2620-1:C2977"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-0276", "DEBIANCVE:CVE-2013-0277"]}, {"type": "fedora", "idList": ["FEDORA:A683320E82"]}, {"type": "freebsd", "idList": ["BEAB40BF-C1CA-4D2B-AD46-2F14BAC8A968"]}, {"type": "gentoo", "idList": ["GLSA-201412-28"]}, {"type": "github", "idList": ["GHSA-FHJ9-CJJH-27VM"]}, {"type": "nessus", "idList": ["FEDORA_2013-2351.NASL", "REDHAT-RHSA-2013-0686.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:892620"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29464"]}, {"type": "suse", "idList": ["SUSE-SU-2013:0606-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4578050E70C81D137F2430D701799EDA"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-0277"]}]}, "exploitation": null, "vulnersScore": 7.5}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}
{"nessus": [{"lastseen": "2021-08-19T12:56:22", "description": "Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.\n\n - CVE-2013-0276 The blacklist provided by the attr_protected method could be bypassed with crafted requests, having an application-specific impact.\n\n - CVE-2013-0277 In some applications, the +serialize+ helper in ActiveRecord could be tricked into deserializing arbitrary YAML data, possibly leading to remote code execution.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-13T00:00:00", "type": "nessus", "title": "Debian DSA-2620-1 : rails - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0277"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:rails", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2620.NASL", "href": "https://www.tenable.com/plugins/nessus/64591", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2620. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64591);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0276\", \"CVE-2013-0277\");\n script_bugtraq_id(57896, 57898);\n script_xref(name:\"DSA\", value:\"2620\");\n\n script_name(english:\"Debian DSA-2620-1 : rails - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework\nfor web application development.\n\n - CVE-2013-0276\n The blacklist provided by the attr_protected method\n could be bypassed with crafted requests, having an\n application-specific impact.\n\n - CVE-2013-0277\n In some applications, the +serialize+ helper in\n ActiveRecord could be tricked into deserializing\n arbitrary YAML data, possibly leading to remote code\n execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0277\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/rails\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2620\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the rails packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 2.3.5-1.2+squeeze7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rails\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libactionmailer-ruby\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactionmailer-ruby1.8\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactionpack-ruby\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactionpack-ruby1.8\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactiverecord-ruby\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactiverecord-ruby1.8\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactiverecord-ruby1.9.1\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactiveresource-ruby\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactiveresource-ruby1.8\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactivesupport-ruby\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactivesupport-ruby1.8\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libactivesupport-ruby1.9.1\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rails\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rails-doc\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rails-ruby1.8\", reference:\"2.3.5-1.2+squeeze7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:56:22", "description": "Fix for CVE-2013-0276.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "Fedora 17 : rubygem-activemodel-3.0.11-3.fc17 (2013-2391)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-activemodel", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-2391.NASL", "href": "https://www.tenable.com/plugins/nessus/64737", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2391.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64737);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0276\");\n script_bugtraq_id(57896);\n script_xref(name:\"FEDORA\", value:\"2013-2391\");\n\n script_name(english:\"Fedora 17 : rubygem-activemodel-3.0.11-3.fc17 (2013-2391)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2013-0276.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=909528\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/099036.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f40be0c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-activemodel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"rubygem-activemodel-3.0.11-3.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-activemodel\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:56:03", "description": "Fix for CVE-2013-0276.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "Fedora 18 : rubygem-activemodel-3.2.8-2.fc18 (2013-2398)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-activemodel", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-2398.NASL", "href": "https://www.tenable.com/plugins/nessus/64738", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2398.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64738);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0276\");\n script_bugtraq_id(57896);\n script_xref(name:\"FEDORA\", value:\"2013-2398\");\n\n script_name(english:\"Fedora 18 : rubygem-activemodel-3.2.8-2.fc18 (2013-2398)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2013-0276.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=909528\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/099035.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f952f3f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-activemodel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"rubygem-activemodel-3.2.8-2.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-activemodel\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:55:55", "description": "Aaron Patterson reports :\n\nThe attr_protected method allows developers to specify a blacklist of model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected.\n\nAll users running an affected release should either upgrade or use one of the work arounds immediately. Users should also consider switching from attr_protected to the whitelist method attr_accessible which is not vulnerable to this attack.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-18T00:00:00", "type": "nessus", "title": "FreeBSD : Ruby Activemodel Gem -- Circumvention of attr_protected (beab40bf-c1ca-4d2b-ad46-2f14bac8a968)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:rubygem18-activemodel", "p-cpe:/a:freebsd:freebsd:rubygem19-activemodel", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_BEAB40BFC1CA4D2BAD462F14BAC8A968.NASL", "href": "https://www.tenable.com/plugins/nessus/64667", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64667);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0276\");\n\n script_name(english:\"FreeBSD : Ruby Activemodel Gem -- Circumvention of attr_protected (beab40bf-c1ca-4d2b-ad46-2f14bac8a968)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aaron Patterson reports :\n\nThe attr_protected method allows developers to specify a blacklist of\nmodel attributes which users should not be allowed to assign to. By\nusing a specially crafted request, attackers could circumvent this\nprotection and alter values that were meant to be protected.\n\nAll users running an affected release should either upgrade or use one\nof the work arounds immediately. Users should also consider switching\nfrom attr_protected to the whitelist method attr_accessible which is\nnot vulnerable to this attack.\"\n );\n # https://vuxml.freebsd.org/freebsd/beab40bf-c1ca-4d2b-ad46-2f14bac8a968.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a0e0256\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem18-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem19-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"rubygem18-activemodel<3.2.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem19-activemodel<3.2.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:56:02", "description": "Fix for CVE-2013-0277.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "Fedora 17 : rubygem-activerecord-3.0.11-6.fc17 (2013-2351)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0277"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-activerecord", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-2351.NASL", "href": "https://www.tenable.com/plugins/nessus/64734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2351.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64734);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0277\");\n script_bugtraq_id(57898);\n script_xref(name:\"FEDORA\", value:\"2013-2351\");\n\n script_name(english:\"Fedora 17 : rubygem-activerecord-3.0.11-6.fc17 (2013-2351)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2013-0277.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=909633\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/099026.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f53f98a8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-activerecord package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"rubygem-activerecord-3.0.11-6.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-activerecord\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:46", "description": "The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails 3.2 stack was updated to 3.2.12.\n\nThe Ruby Rack was updated to 1.1.6. The Ruby Rack was updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The Ruby Rack was updated to 1.4.5.\n\nThe updates fix various security issues and bugs.\n\n - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277 :\n\n - update to version 3.2.12 (bnc#803336) CVE-2013-0276 :\n\n - update to version 3.2.12 (bnc#803336) CVE-2013-0276:\n issue with attr_protected where malformed input could circumvent protection\n\n - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277 :\n\n - Fix issue with attr_protected where malformed input could circumvent protection\n\n - Fix Serialized Attributes YAML Vulnerability\n\n - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277 :\n\n - Fix issue with attr_protected where malformed input could circumvent protection\n\n - Fix Serialized Attributes YAML Vulnerability\n\n - update to version 3.2.12 (bnc#803336) CVE-2013-0276 :\n\n - Quote numeric values being compared to non-numeric columns. Otherwise, in some database, the string column values will be coerced to a numeric allowing 0, 0.0 or false to match any string starting with a non-digit.\n\n - update to 1.1.6 (bnc#802794)\n\n - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie\n\n - update to 1.2.8 (bnc#802794)\n\n - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie\n\n - update to 1.3.10 (bnc#802794)\n\n - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie\n\n - ruby rack update to 1.4.5 (bnc#802794 bnc#802795)\n\n - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie\n\n - Fix CVE-2013-0262, symlink path traversal in Rack::File\n\n - ruby rack update to 1.4.4 (bnc#798452)\n\n - [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings (CVE-2013-0184)\n\n - ruby rack changes from 1.4.3\n\n - Security: Prevent unbounded reads in large multipart boundaries (CVE-2013-0183)\n\n - ruby rack changes from 1.4.2 (CVE-2012-6109)\n\n - Add warnings when users do not provide a session secret\n\n - Fix parsing performance for unquoted filenames\n\n - Updated URI backports\n\n - Fix URI backport version matching, and silence constant warnings\n\n - Correct parameter parsing with empty values\n\n - Correct rackup '-I' flag, to allow multiple uses\n\n - Correct rackup pidfile handling\n\n - Report rackup line numbers correctly\n\n - Fix request loops caused by non-stale nonces with time limits\n\n - Fix reloader on Windows\n\n - Prevent infinite recursions from Response#to_ary\n\n - Various middleware better conforms to the body close specification\n\n - Updated language for the body close specification\n\n - Additional notes regarding ECMA escape compatibility issues\n\n - Fix the parsing of multiple ranges in range headers\n\n - Prevent errors from empty parameter keys\n\n - Added PATCH verb to Rack::Request\n\n - Various documentation updates\n\n - Fix session merge semantics (fixes rack-test)\n\n - Rack::Static :index can now handle multiple directories\n\n - All tests now utilize Rack::Lint (special thanks to Lars Gierth)\n\n - Rack::File cache_control parameter is now deprecated, and removed by 1.5\n\n - Correct Rack::Directory script name escaping\n\n - Rack::Static supports header rules for sophisticated configurations\n\n - Multipart parsing now works without a Content-Length header\n\n - New logos courtesy of Zachary Scott!\n\n - Rack::BodyProxy now explicitly defines #each, useful for C extensions\n\n - Cookies that are not URI escaped no longer cause exceptions", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6109", "CVE-2013-0183", "CVE-2013-0184", "CVE-2013-0262", "CVE-2013-0263", "CVE-2013-0276", "CVE-2013-0277"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rubygem-actionmailer", "p-cpe:/a:novell:opensuse:rubygem-actionmailer-2_3", "p-cpe:/a:novell:opensuse:rubygem-actionmailer-2_3-testsuite", "p-cpe:/a:novell:opensuse:rubygem-actionmailer-3_2", "p-cpe:/a:novell:opensuse:rubygem-actionpack", "p-cpe:/a:novell:opensuse:rubygem-actionpack-2_3", "p-cpe:/a:novell:opensuse:rubygem-actionpack-2_3-testsuite", "p-cpe:/a:novell:opensuse:rubygem-actionpack-3_2", "p-cpe:/a:novell:opensuse:rubygem-activemodel-3_2", "p-cpe:/a:novell:opensuse:rubygem-activerecord", "p-cpe:/a:novell:opensuse:rubygem-activerecord-2_3", "p-cpe:/a:novell:opensuse:rubygem-activerecord-2_3-testsuite", "p-cpe:/a:novell:opensuse:rubygem-activerecord-3_2", "p-cpe:/a:novell:opensuse:rubygem-activeresource", "p-cpe:/a:novell:opensuse:rubygem-activeresource-2_3", "p-cpe:/a:novell:opensuse:rubygem-activeresource-2_3-testsuite", "p-cpe:/a:novell:opensuse:rubygem-activeresource-3_2", "p-cpe:/a:novell:opensuse:rubygem-activesupport", "p-cpe:/a:novell:opensuse:rubygem-activesupport-2_3", "p-cpe:/a:novell:opensuse:rubygem-activesupport-3_2", "p-cpe:/a:novell:opensuse:rubygem-rack-1_1", "p-cpe:/a:novell:opensuse:rubygem-rack-1_1-testsuite", "p-cpe:/a:novell:opensuse:rubygem-rack-1_2", "p-cpe:/a:novell:opensuse:rubygem-rack-1_2-testsuite", "p-cpe:/a:novell:opensuse:rubygem-rack-1_3", "p-cpe:/a:novell:opensuse:rubygem-rack-1_3-testsuite", "p-cpe:/a:novell:opensuse:rubygem-rack-1_4", "p-cpe:/a:novell:opensuse:rubygem-rack-1_4-testsuite", "p-cpe:/a:novell:opensuse:rubygem-rails", "p-cpe:/a:novell:opensuse:rubygem-rails-2_3", "p-cpe:/a:novell:opensuse:rubygem-rails-3_2", "p-cpe:/a:novell:opensuse:rubygem-railties-3_2", "cpe:/o:novell:opensuse:12.1", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-152.NASL", "href": "https://www.tenable.com/plugins/nessus/74900", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-152.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74900);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-6109\", \"CVE-2013-0183\", \"CVE-2013-0184\", \"CVE-2013-0262\", \"CVE-2013-0263\", \"CVE-2013-0276\", \"CVE-2013-0277\");\n\n script_name(english:\"openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)\");\n script_summary(english:\"Check for the openSUSE-2013-152 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails\n3.2 stack was updated to 3.2.12.\n\nThe Ruby Rack was updated to 1.1.6. The Ruby Rack was\nupdated to 1.2.8. The Ruby Rack was updated to 1.3.10. The\nRuby Rack was updated to 1.4.5.\n\nThe updates fix various security issues and bugs.\n\n - update to version 2.3.17 (bnc#803336, bnc#803339)\n CVE-2013-0276 CVE-2013-0277 :\n\n - update to version 3.2.12 (bnc#803336) CVE-2013-0276 :\n\n - update to version 3.2.12 (bnc#803336) CVE-2013-0276:\n issue with attr_protected where malformed input could\n circumvent protection\n\n - update to version 2.3.17 (bnc#803336, bnc#803339)\n CVE-2013-0276 CVE-2013-0277 :\n\n - Fix issue with attr_protected where malformed input\n could circumvent protection\n\n - Fix Serialized Attributes YAML Vulnerability\n\n - update to version 2.3.17 (bnc#803336, bnc#803339)\n CVE-2013-0276 CVE-2013-0277 :\n\n - Fix issue with attr_protected where malformed input\n could circumvent protection\n\n - Fix Serialized Attributes YAML Vulnerability\n\n - update to version 3.2.12 (bnc#803336) CVE-2013-0276 :\n\n - Quote numeric values being compared to non-numeric\n columns. Otherwise, in some database, the string column\n values will be coerced to a numeric allowing 0, 0.0 or\n false to match any string starting with a non-digit.\n\n - update to 1.1.6 (bnc#802794)\n\n - Fix CVE-2013-0263, timing attack against\n Rack::Session::Cookie\n\n - update to 1.2.8 (bnc#802794)\n\n - Fix CVE-2013-0263, timing attack against\n Rack::Session::Cookie\n\n - update to 1.3.10 (bnc#802794)\n\n - Fix CVE-2013-0263, timing attack against\n Rack::Session::Cookie\n\n - ruby rack update to 1.4.5 (bnc#802794 bnc#802795)\n\n - Fix CVE-2013-0263, timing attack against\n Rack::Session::Cookie\n\n - Fix CVE-2013-0262, symlink path traversal in Rack::File\n\n - ruby rack update to 1.4.4 (bnc#798452)\n\n - [SEC] Rack::Auth::AbstractRequest no longer symbolizes\n arbitrary strings (CVE-2013-0184)\n\n - ruby rack changes from 1.4.3\n\n - Security: Prevent unbounded reads in large multipart\n boundaries (CVE-2013-0183)\n\n - ruby rack changes from 1.4.2 (CVE-2012-6109)\n\n - Add warnings when users do not provide a session secret\n\n - Fix parsing performance for unquoted filenames\n\n - Updated URI backports\n\n - Fix URI backport version matching, and silence constant\n warnings\n\n - Correct parameter parsing with empty values\n\n - Correct rackup '-I' flag, to allow multiple uses\n\n - Correct rackup pidfile handling\n\n - Report rackup line numbers correctly\n\n - Fix request loops caused by non-stale nonces with time\n limits\n\n - Fix reloader on Windows\n\n - Prevent infinite recursions from Response#to_ary\n\n - Various middleware better conforms to the body close\n specification\n\n - Updated language for the body close specification\n\n - Additional notes regarding ECMA escape compatibility\n issues\n\n - Fix the parsing of multiple ranges in range headers\n\n - Prevent errors from empty parameter keys\n\n - Added PATCH verb to Rack::Request\n\n - Various documentation updates\n\n - Fix session merge semantics (fixes rack-test)\n\n - Rack::Static :index can now handle multiple directories\n\n - All tests now utilize Rack::Lint (special thanks to Lars\n Gierth)\n\n - Rack::File cache_control parameter is now deprecated,\n and removed by 1.5\n\n - Correct Rack::Directory script name escaping\n\n - Rack::Static supports header rules for sophisticated\n configurations\n\n - Multipart parsing now works without a Content-Length\n header\n\n - New logos courtesy of Zachary Scott!\n\n - Rack::BodyProxy now explicitly defines #each, useful for\n C extensions\n\n - Cookies that are not URI escaped no longer cause\n exceptions\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=798452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-02/msg00071.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected RubyOnRails packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionmailer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionmailer-2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionmailer-2_3-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionmailer-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionpack-2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionpack-2_3-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-actionpack-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activemodel-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activerecord-2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activerecord-2_3-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activerecord-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activeresource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activeresource-2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activeresource-2_3-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activeresource-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activesupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activesupport-2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-activesupport-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_1-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_2-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_3-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rack-1_4-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rails-2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-rails-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rubygem-railties-3_2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-actionmailer-2.3.17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-actionmailer-2_3-2.3.17-3.13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-actionmailer-2_3-testsuite-2.3.17-3.13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-actionpack-2.3.17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-actionpack-2_3-2.3.17-3.20.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-actionpack-2_3-testsuite-2.3.17-3.20.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activerecord-2.3.17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activerecord-2_3-2.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activerecord-2_3-testsuite-2.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activeresource-2.3.17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activeresource-2_3-2.3.17-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activeresource-2_3-testsuite-2.3.17-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activesupport-2.3.17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-activesupport-2_3-2.3.17-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-rack-1_1-1.1.6-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-rack-1_1-testsuite-1.1.6-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-rails-2.3.17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rubygem-rails-2_3-2.3.17-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionmailer-2.3.17-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionmailer-2_3-2.3.17-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionmailer-2_3-testsuite-2.3.17-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionmailer-3_2-3.2.12-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionpack-2.3.17-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionpack-2_3-2.3.17-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionpack-2_3-testsuite-2.3.17-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-actionpack-3_2-3.2.12-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activemodel-3_2-3.2.12-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activerecord-2.3.17-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activerecord-2_3-2.3.17-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activerecord-2_3-testsuite-2.3.17-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activerecord-3_2-3.2.12-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activeresource-2.3.17-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activeresource-2_3-2.3.17-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activeresource-2_3-testsuite-2.3.17-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activeresource-3_2-3.2.12-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activesupport-2.3.17-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activesupport-2_3-2.3.17-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-activesupport-3_2-3.2.12-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_1-1.1.6-6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_1-testsuite-1.1.6-6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_2-1.2.8-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_2-testsuite-1.2.8-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_3-1.3.10-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_3-testsuite-1.3.10-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_4-1.4.5-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rack-1_4-testsuite-1.4.5-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rails-2.3.17-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rails-2_3-2.3.17-3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-rails-3_2-3.2.12-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rubygem-railties-3_2-3.2.12-2.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"RubyOnRails\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:55:16", "description": "Red Hat Subscription Asset Manager 1.2.1, which fixes several security issues, multiple bugs, and adds various enhancements, is now available.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat Subscription Asset Manager acts as a proxy for handling subscription information and software updates on client machines.\n\nThe latest packages for Subscription Asset Manager include a number of security fixes :\n\nWhen a Subscription Asset Manager instance is created, its configuration script automatically creates an RPM of the internal subscription service CA certificate. However, this RPM incorrectly created the CA certificate with file permissions of 0666. This allowed other users on a client system to modify the CA certificate used to trust the remote subscription server. All administrators are advised to update and deploy the subscription service certificate on all systems which use Subscription Asset Manager as their subscription service. This procedure is described in:\nhttps://access.redhat.com/knowledge/docs/en-US/ Red_Hat_Subscription_Asset_Manager/1.2/html/Installation_Guide/ sect-Installation_Guide-Administration-Upgrading_Subscription_Asset_Ma nager.html (CVE-2012-6116)\n\nManifest signature checking was not implemented for early versions of Subscription Asset Manager. This meant that a malicious user could edit a manifest file, insert arbitrary data, and successfully upload the edited manifest file into the Subscription Asset Manager server.\n(CVE-2012-6119)\n\nRuby's documentation generator had a flaw in the way it generated HTML documentation. When a Ruby application exposed its documentation on a network (such as a web page), an attacker could use a specially- crafted URL to open an arbitrary web script or to execute HTML code within the application's user session. (CVE-2013-0256)\n\nA timing attack flaw was found in the way rubygem-rack and ruby193-rubygem-rack processed HMAC digests in cookies. This flaw could aid an attacker using forged digital signatures to bypass authentication checks. (CVE-2013-0263)\n\nA flaw in rubygem-json allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service (DoS) attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. (CVE-2013-0269)\n\nA flaw in ActiveRecord in Ruby on Rails allowed remote attackers to circumvent attribute protections and to insert their own crafted requests to change protected attribute values. (CVE-2013-0276)\n\nHTML markup was not properly escaped when filling in the username field in the Notifications form of the Subscription Asset Manager UI.\nThis meant that HTML code used in the value was then applied in the UI page when the entry was viewed. This could have allowed malicious HTML code to be entered. The field value is now validated and any HTML tags are escaped. (CVE-2013-1823)\n\nThese updated packages also include bug fixes and enhancements :\n\n* Previously, no SELinux policy for the subscription service was included with the Subscription Asset Manager packages. The candlepin-selinux package is now included with SELinux policies for the subscription server. (BZ#906901)\n\n* When attempting to use the subscription service's CA certificate to validate a manifest during import, the comparison failed. The upstream subscription service which generated the manifest is a different service than the local subscription service; thus, they have different CA certificates. This caused importing a manifest to fail with the error 'archive failed signature'. This has been fixed so that the proper certificate is used for verification. (BZ#918778)\n\nAll users of Subscription Asset Manager are recommended to update to the latest packages.", "cvss3": {"score": null, "vector": null}, "published": "2013-04-10T00:00:00", "type": "nessus", "title": "RHEL 6 : Subscription Asset Manager (RHSA-2013:0686)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6116", "CVE-2012-6119", "CVE-2013-0256", "CVE-2013-0263", "CVE-2013-0269", "CVE-2013-0276", "CVE-2013-1823"], "modified": "2014-05-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:candlepin", "p-cpe:/a:redhat:enterprise_linux:candlepin-devel", "p-cpe:/a:redhat:enterprise_linux:candlepin-selinux", "p-cpe:/a:redhat:enterprise_linux:candlepin-tomcat6", "p-cpe:/a:redhat:enterprise_linux:katello-common", "p-cpe:/a:redhat:enterprise_linux:katello-configure", "p-cpe:/a:redhat:enterprise_linux:katello-glue-candlepin", "p-cpe:/a:redhat:enterprise_linux:katello-headpin", "p-cpe:/a:redhat:enterprise_linux:katello-headpin-all", "p-cpe:/a:redhat:enterprise_linux:ruby-nokogiri", "p-cpe:/a:redhat:enterprise_linux:rubygem-actionpack", "p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel", "p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-delayed_job", "p-cpe:/a:redhat:enterprise_linux:rubygem-delayed_job-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-json", "p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri", "p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rack", "p-cpe:/a:redhat:enterprise_linux:rubygem-rails_warden", "p-cpe:/a:redhat:enterprise_linux:rubygem-rails_warden-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-doc", "p-cpe:/a:redhat:enterprise_linux:thumbslug", "p-cpe:/a:redhat:enterprise_linux:thumbslug-selinux", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0686.NASL", "href": "https://www.tenable.com/plugins/nessus/65904", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n# @DEPRECATED@\n#\n# Disabled on 2013/06/06.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0686. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65904);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/20 0:18:52\");\n\n script_cve_id(\"CVE-2012-6116\", \"CVE-2012-6119\", \"CVE-2013-0256\", \"CVE-2013-0263\", \"CVE-2013-0269\", \"CVE-2013-0276\", \"CVE-2013-1823\");\n script_xref(name:\"RHSA\", value:\"2013:0686\");\n\n script_name(english:\"RHEL 6 : Subscription Asset Manager (RHSA-2013:0686)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat Subscription Asset Manager 1.2.1, which fixes several security\nissues, multiple bugs, and adds various enhancements, is now\navailable.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat Subscription Asset Manager acts as a proxy for handling\nsubscription information and software updates on client machines.\n\nThe latest packages for Subscription Asset Manager include a number of\nsecurity fixes :\n\nWhen a Subscription Asset Manager instance is created, its\nconfiguration script automatically creates an RPM of the internal\nsubscription service CA certificate. However, this RPM incorrectly\ncreated the CA certificate with file permissions of 0666. This allowed\nother users on a client system to modify the CA certificate used to\ntrust the remote subscription server. All administrators are advised\nto update and deploy the subscription service certificate on all\nsystems which use Subscription Asset Manager as their subscription\nservice. This procedure is described in:\nhttps://access.redhat.com/knowledge/docs/en-US/\nRed_Hat_Subscription_Asset_Manager/1.2/html/Installation_Guide/\nsect-Installation_Guide-Administration-Upgrading_Subscription_Asset_Ma\nnager.html (CVE-2012-6116)\n\nManifest signature checking was not implemented for early versions of\nSubscription Asset Manager. This meant that a malicious user could\nedit a manifest file, insert arbitrary data, and successfully upload\nthe edited manifest file into the Subscription Asset Manager server.\n(CVE-2012-6119)\n\nRuby's documentation generator had a flaw in the way it generated HTML\ndocumentation. When a Ruby application exposed its documentation on a\nnetwork (such as a web page), an attacker could use a specially-\ncrafted URL to open an arbitrary web script or to execute HTML code\nwithin the application's user session. (CVE-2013-0256)\n\nA timing attack flaw was found in the way rubygem-rack and\nruby193-rubygem-rack processed HMAC digests in cookies. This flaw\ncould aid an attacker using forged digital signatures to bypass\nauthentication checks. (CVE-2013-0263)\n\nA flaw in rubygem-json allowed remote attacks by creating different\ntypes of malicious objects. For example, it could initiate a denial of\nservice (DoS) attack through resource consumption by using a JSON\ndocument to create arbitrary Ruby symbols, which were never garbage\ncollected. It could also be exploited to create internal objects which\ncould allow a SQL injection attack. (CVE-2013-0269)\n\nA flaw in ActiveRecord in Ruby on Rails allowed remote attackers to\ncircumvent attribute protections and to insert their own crafted\nrequests to change protected attribute values. (CVE-2013-0276)\n\nHTML markup was not properly escaped when filling in the username\nfield in the Notifications form of the Subscription Asset Manager UI.\nThis meant that HTML code used in the value was then applied in the UI\npage when the entry was viewed. This could have allowed malicious HTML\ncode to be entered. The field value is now validated and any HTML tags\nare escaped. (CVE-2013-1823)\n\nThese updated packages also include bug fixes and enhancements :\n\n* Previously, no SELinux policy for the subscription service was\nincluded with the Subscription Asset Manager packages. The\ncandlepin-selinux package is now included with SELinux policies for\nthe subscription server. (BZ#906901)\n\n* When attempting to use the subscription service's CA certificate to\nvalidate a manifest during import, the comparison failed. The upstream\nsubscription service which generated the manifest is a different\nservice than the local subscription service; thus, they have different\nCA certificates. This caused importing a manifest to fail with the\nerror 'archive failed signature'. This has been fixed so that the\nproper certificate is used for verification. (BZ#918778)\n\nAll users of Subscription Asset Manager are recommended to update to\nthe latest packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-6116.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-6119.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-0256.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-0263.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-0269.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-0276.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1823.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-0686.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:candlepin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:candlepin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:candlepin-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:candlepin-tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-configure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-glue-candlepin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-headpin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-headpin-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-nokogiri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-delayed_job\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-delayed_job-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rails_warden\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rails_warden-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thumbslug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thumbslug-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\n# Deprecated\nexit(0, \"This plugin has been temporarily deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL6\", reference:\"candlepin-0.7.24-1.el6_3\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"candlepin-devel-0.7.24-1.el6_3\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"candlepin-selinux-0.7.24-1.el6_3\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"candlepin-tomcat6-0.7.24-1.el6_3\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"katello-common-1.2.1.1-1h.el6_4\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"katello-configure-1.2.3.1-4h.el6_4\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"katello-glue-candlepin-1.2.1.1-1h.el6_4\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"katello-headpin-1.2.1.1-1h.el6_4\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"katello-headpin-all-1.2.1.1-1h.el6_4\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-nokogiri-1.5.0-0.9.beta4.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-actionpack-3.0.10-12.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-activemodel-3.0.10-3.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-activemodel-doc-3.0.10-3.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-delayed_job-2.1.4-3.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-delayed_job-doc-2.1.4-3.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.3-2.el6_3\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-json-debuginfo-1.7.3-2.el6_3\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-nokogiri-1.5.0-0.9.beta4.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-nokogiri-debuginfo-1.5.0-0.9.beta4.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-nokogiri-doc-1.5.0-0.9.beta4.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-rack-1.3.0-4.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-rails_warden-0.5.5-2.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-rails_warden-doc-0.5.5-2.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-rdoc-3.8-6.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"rubygem-rdoc-doc-3.8-6.el6cf\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"thumbslug-0.0.28.1-1.el6_4\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"thumbslug-selinux-0.0.28.1-1.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:25", "description": "The remote host is affected by the vulnerability described in GLSA-201412-28 (Ruby on Rails: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Ruby on Rails. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could execute arbitrary code or cause a Denial of Service condition. Furthermore, a remote attacker may be able to execute arbitrary SQL commands, change parameter names for form inputs and make changes to arbitrary records in the system, bypass intended access restrictions, render arbitrary views, inject arbitrary web script or HTML, or conduct cross-site request forgery (CSRF) attacks.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-28 : Ruby on Rails: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3933", "CVE-2011-0446", "CVE-2011-0447", "CVE-2011-0448", "CVE-2011-0449", "CVE-2011-2929", "CVE-2011-2930", "CVE-2011-2931", "CVE-2011-2932", "CVE-2011-3186", "CVE-2013-0155", "CVE-2013-0156", "CVE-2013-0276", "CVE-2013-0277", "CVE-2013-0333", "CVE-2013-1854", "CVE-2013-1855", "CVE-2013-1856", "CVE-2013-1857"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:rails", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-28.NASL", "href": "https://www.tenable.com/plugins/nessus/79981", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-28.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79981);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3933\", \"CVE-2011-0446\", \"CVE-2011-0447\", \"CVE-2011-0448\", \"CVE-2011-0449\", \"CVE-2011-2929\", \"CVE-2011-2930\", \"CVE-2011-2931\", \"CVE-2011-2932\", \"CVE-2011-3186\", \"CVE-2013-0155\", \"CVE-2013-0156\", \"CVE-2013-0276\", \"CVE-2013-0277\", \"CVE-2013-0333\", \"CVE-2013-1854\", \"CVE-2013-1855\", \"CVE-2013-1856\", \"CVE-2013-1857\");\n script_bugtraq_id(44124, 46291, 46292, 49179, 57187, 57192, 57575, 57896, 57898, 58549, 58552, 58554, 58555);\n script_xref(name:\"GLSA\", value:\"201412-28\");\n\n script_name(english:\"GLSA-201412-28 : Ruby on Rails: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-28\n(Ruby on Rails: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Ruby on Rails. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could execute arbitrary code or cause a Denial of\n Service condition. Furthermore, a remote attacker may be able to execute\n arbitrary SQL commands, change parameter names for form inputs and make\n changes to arbitrary records in the system, bypass intended access\n restrictions, render arbitrary views, inject arbitrary web script or\n HTML, or conduct cross-site request forgery (CSRF) attacks.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-28\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Ruby on Rails 2.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-ruby/rails-2.3.18'\n NOTE: All applications using Ruby on Rails should also be configured to\n use the latest version available by running “rake rails:update”\n inside the application directory.\n NOTE: This is a legacy GLSA and stable updates for Ruby on Rails,\n including the unaffected version listed above, are no longer available\n from Gentoo. It may be possible to upgrade to the 3.2, 4.0, or 4.1\n branches, however these packages are not currently stable.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby on Rails JSON Processor YAML Deserialization Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:rails\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-ruby/rails\", unaffected:make_list(\"ge 2.3.18\"), vulnerable:make_list(\"lt 2.3.18\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ruby on Rails\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T14:55:23", "description": "The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-002 applied. This update contains numerous security-related fixes for the following components :\n\n - CoreMedia Playback (10.7 only)\n - Directory Service (10.6 only)\n - OpenSSL\n - QuickDraw Manager\n - QuickTime\n - Ruby (10.6 only)\n - SMB (10.7 only)", "cvss3": {"score": null, "vector": null}, "published": "2013-06-05T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2013-002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1945", "CVE-2011-3207", "CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-2110", "CVE-2012-2131", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0155", "CVE-2013-0276", "CVE-2013-0277", "CVE-2013-0333", "CVE-2013-0975", "CVE-2013-0984", "CVE-2013-0986", "CVE-2013-0987", "CVE-2013-0988", "CVE-2013-0990", "CVE-2013-1024", "CVE-2013-1854", "CVE-2013-1855", "CVE-2013-1856", "CVE-2013-1857"], "modified": "2019-11-27T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2013-002.NASL", "href": "https://www.tenable.com/plugins/nessus/66809", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(66809);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\n \"CVE-2011-1945\",\n \"CVE-2011-3207\",\n \"CVE-2011-3210\",\n \"CVE-2011-4108\",\n \"CVE-2011-4109\",\n \"CVE-2011-4576\",\n \"CVE-2011-4577\",\n \"CVE-2011-4619\",\n \"CVE-2012-0050\",\n \"CVE-2012-2110\",\n \"CVE-2012-2131\",\n \"CVE-2012-2333\",\n \"CVE-2012-4929\",\n \"CVE-2013-0155\",\n \"CVE-2013-0276\",\n \"CVE-2013-0277\",\n \"CVE-2013-0333\",\n \"CVE-2013-0975\",\n \"CVE-2013-0984\",\n \"CVE-2013-0986\",\n \"CVE-2013-0987\",\n \"CVE-2013-0988\",\n \"CVE-2013-0990\",\n \"CVE-2013-1024\",\n \"CVE-2013-1854\",\n \"CVE-2013-1855\",\n \"CVE-2013-1856\",\n \"CVE-2013-1857\"\n );\n script_bugtraq_id(\n 47888,\n 49469,\n 49471,\n 51281,\n 51563,\n 53158,\n 53212,\n 53476,\n 55704,\n 57192,\n 57575,\n 57896,\n 57898,\n 58549,\n 58552,\n 58554,\n 58555,\n 60099,\n 60100,\n 60328,\n 60365,\n 60368,\n 60369\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-06-04-1\");\n script_xref(name:\"EDB-ID\", value:\"25974\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2013-002)\");\n script_summary(english:\"Check for the presence of Security Update 2013-002\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.6 or 10.7 that\ndoes not have Security Update 2013-002 applied. This update contains\nnumerous security-related fixes for the following components :\n\n - CoreMedia Playback (10.7 only)\n - Directory Service (10.6 only)\n - OpenSSL\n - QuickDraw Manager\n - QuickTime\n - Ruby (10.6 only)\n - SMB (10.7 only)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-111/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-119/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-150/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5784\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/526808/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2013-002 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0277\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby on Rails JSON Processor YAML Deserialization Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.[67]([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.6 / 10.7\");\nelse if (\"Mac OS X 10.6\" >< os && !ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-8]([^0-9]|$))\", string:os)) exit(0, \"The remote host uses a version of Mac OS X Snow Leopard later than 10.6.8.\");\nelse if (\"Mac OS X 10.7\" >< os && !ereg(pattern:\"Mac OS X 10\\.7($|\\.[0-5]([^0-9]|$))\", string:os)) exit(0, \"The remote host uses a version of Mac OS X Lion later than 10.7.5.\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nif (\n egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security(\\.10\\.[67]\\..+)?\\.(2013\\.00[2-9]|201[4-9]\\.[0-9]+)(\\.(snowleopard[0-9.]*|lion))?\\.bom\", string:packages)\n) exit(0, \"The host has Security Update 2013-002 or later installed and is therefore not affected.\");\nelse\n{\n if (report_verbosity > 0)\n {\n security_boms = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\", string:packages);\n\n report = '\\n Installed security updates : ';\n if (security_boms) report += str_replace(find:'\\n', replace:'\\n ', string:security_boms);\n else report += 'n/a';\n report += '\\n';\n\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:29:42", "description": "Red Hat OpenShift Enterprise 1.1.1 is now available.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution from Red Hat, and is designed for on-premise or private cloud deployments.\n\nInstalling the updated packages and restarting the OpenShift services are the only requirements for this update. However, if you are updating your system to Red Hat Enterprise Linux 6.4 while applying OpenShift Enterprise 1.1.1 updates, it is recommended that you restart your system.\n\nFor further information about this release, refer to the OpenShift Enterprise 1.1.1 Technical Notes, available shortly from https://access.redhat.com/knowledge/docs/\n\nThis update also fixes the following security issues :\n\nMultiple cross-site scripting (XSS) flaws were found in rubygem-actionpack. A remote attacker could use these flaws to conduct XSS attacks against users of an application using rubygem-actionpack.\n(CVE-2012-3463, CVE-2012-3464, CVE-2012-3465)\n\nIt was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files with names based on untrusted input, it could result in the creation of files with different names than expected.\n(CVE-2012-4522)\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, a new, more collision resistant algorithm has been used to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-5371)\n\nInput validation vulnerabilities were discovered in rubygem-activerecord. A remote attacker could possibly use these flaws to perform a SQL injection attack against an application using rubygem-activerecord. (CVE-2012-2661, CVE-2012-2695, CVE-2013-0155)\n\nInput validation vulnerabilities were discovered in rubygem-actionpack. A remote attacker could possibly use these flaws to perform a SQL injection attack against an application using rubygem-actionpack and rubygem-activerecord. (CVE-2012-2660, CVE-2012-2694)\n\nA flaw was found in the HTTP digest authentication implementation in rubygem-actionpack. A remote attacker could use this flaw to cause a denial of service of an application using rubygem-actionpack and digest authentication. (CVE-2012-3424)\n\nA flaw was found in the handling of strings in Ruby safe level 4. A remote attacker can use Exception#to_s to destructively modify an untainted string so that it is tainted, the string can then be arbitrarily modified. (CVE-2012-4466)\n\nA flaw was found in the method for translating an exception message into a string in the Ruby Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4464)\n\nIt was found that ruby_parser from rubygem-ruby_parser created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting arbitrary files accessible to the application using ruby_parser. (CVE-2013-0162)\n\nThe CVE-2013-0162 issue was discovered by Michael Scherer of the Red Hat Regional IT team.\n\nUsers are advised to upgrade to Red Hat OpenShift Enterprise 1.1.1.", "cvss3": {"score": null, "vector": null}, "published": "2018-12-06T00:00:00", "type": "nessus", "title": "RHEL 6 : openshift (RHSA-2013:0582)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2660", "CVE-2012-2661", "CVE-2012-2694", "CVE-2012-2695", "CVE-2012-3424", "CVE-2012-3463", "CVE-2012-3464", "CVE-2012-3465", "CVE-2012-4464", "CVE-2012-4466", "CVE-2012-4522", "CVE-2012-5371", "CVE-2013-0155", "CVE-2013-0162", "CVE-2013-0276"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:graphviz", "p-cpe:/a:redhat:enterprise_linux:graphviz-debuginfo", "p-cpe:/a:redhat:enterprise_linux:graphviz-devel", "p-cpe:/a:redhat:enterprise_linux:graphviz-doc", "p-cpe:/a:redhat:enterprise_linux:graphviz-gd", "p-cpe:/a:redhat:enterprise_linux:graphviz-ruby", "p-cpe:/a:redhat:enterprise_linux:openshift-console", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker-util", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-cron-1.4", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-diy-0.1", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-haproxy-1.4", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbosseap-6.0", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbossews-1.0", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-1.4", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-client-1.4", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mysql-5.1", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-perl-5.10", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-php-5.3", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-postgresql-8.4", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby-1.8", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby-1.9-scl", "p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-node-mcollective", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-tcltk", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-actionpack", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-actionpack-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activemodel", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activemodel-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activerecord", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activerecord-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bigdecimal", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-io-console", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-railties", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-railties-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rake", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems-devel", "p-cpe:/a:redhat:enterprise_linux:rubygem-actionpack", "p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel", "p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-activerecord", "p-cpe:/a:redhat:enterprise_linux:rubygem-bson", "p-cpe:/a:redhat:enterprise_linux:rubygem-mongo", "p-cpe:/a:redhat:enterprise_linux:rubygem-mongo-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-auth-remote-user", "p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console", "p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-controller", "p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-node", "p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser", "p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser-doc", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0582.NASL", "href": "https://www.tenable.com/plugins/nessus/119432", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0582. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119432);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2660\", \"CVE-2012-2661\", \"CVE-2012-2694\", \"CVE-2012-2695\", \"CVE-2012-3424\", \"CVE-2012-3463\", \"CVE-2012-3464\", \"CVE-2012-3465\", \"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2012-4522\", \"CVE-2012-5371\", \"CVE-2013-0155\", \"CVE-2013-0162\", \"CVE-2013-0276\");\n script_bugtraq_id(53753, 53754, 53970, 53976, 54704, 54957, 54958, 54959, 55757, 56115, 56484, 57192, 58110);\n script_xref(name:\"RHSA\", value:\"2013:0582\");\n\n script_name(english:\"RHEL 6 : openshift (RHSA-2013:0582)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Red Hat OpenShift Enterprise 1.1.1 is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS)\nsolution from Red Hat, and is designed for on-premise or private cloud\ndeployments.\n\nInstalling the updated packages and restarting the OpenShift services\nare the only requirements for this update. However, if you are\nupdating your system to Red Hat Enterprise Linux 6.4 while applying\nOpenShift Enterprise 1.1.1 updates, it is recommended that you restart\nyour system.\n\nFor further information about this release, refer to the OpenShift\nEnterprise 1.1.1 Technical Notes, available shortly from\nhttps://access.redhat.com/knowledge/docs/\n\nThis update also fixes the following security issues :\n\nMultiple cross-site scripting (XSS) flaws were found in\nrubygem-actionpack. A remote attacker could use these flaws to conduct\nXSS attacks against users of an application using rubygem-actionpack.\n(CVE-2012-3463, CVE-2012-3464, CVE-2012-3465)\n\nIt was found that certain methods did not sanitize file names before\npassing them to lower layer routines in Ruby. If a Ruby application\ncreated files with names based on untrusted input, it could result in\nthe creation of files with different names than expected.\n(CVE-2012-4522)\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, a new, more collision resistant\nalgorithm has been used to reduce the chance of an attacker\nsuccessfully causing intentional collisions. (CVE-2012-5371)\n\nInput validation vulnerabilities were discovered in\nrubygem-activerecord. A remote attacker could possibly use these flaws\nto perform a SQL injection attack against an application using\nrubygem-activerecord. (CVE-2012-2661, CVE-2012-2695, CVE-2013-0155)\n\nInput validation vulnerabilities were discovered in\nrubygem-actionpack. A remote attacker could possibly use these flaws\nto perform a SQL injection attack against an application using\nrubygem-actionpack and rubygem-activerecord. (CVE-2012-2660,\nCVE-2012-2694)\n\nA flaw was found in the HTTP digest authentication implementation in\nrubygem-actionpack. A remote attacker could use this flaw to cause a\ndenial of service of an application using rubygem-actionpack and\ndigest authentication. (CVE-2012-3424)\n\nA flaw was found in the handling of strings in Ruby safe level 4. A\nremote attacker can use Exception#to_s to destructively modify an\nuntainted string so that it is tainted, the string can then be\narbitrarily modified. (CVE-2012-4466)\n\nA flaw was found in the method for translating an exception message\ninto a string in the Ruby Exception class. A remote attacker could use\nthis flaw to bypass safe level 4 restrictions, allowing untrusted\n(tainted) code to modify arbitrary, trusted (untainted) strings, which\nsafe level 4 restrictions would otherwise prevent. (CVE-2012-4464)\n\nIt was found that ruby_parser from rubygem-ruby_parser created a\ntemporary file in an insecure way. A local attacker could use this\nflaw to perform a symbolic link attack, overwriting arbitrary files\naccessible to the application using ruby_parser. (CVE-2013-0162)\n\nThe CVE-2013-0162 issue was discovered by Michael Scherer of the Red\nHat Regional IT team.\n\nUsers are advised to upgrade to Red Hat OpenShift Enterprise 1.1.1.\"\n );\n # https://access.redhat.com/knowledge/docs/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0276\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:graphviz-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:graphviz-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:graphviz-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:graphviz-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:graphviz-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-cron-1.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-diy-0.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-haproxy-1.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbosseap-6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbossews-1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-1.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-client-1.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mysql-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-perl-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-php-5.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby-1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby-1.9-scl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-node-mcollective\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-actionpack-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activemodel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activerecord-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-railties\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-railties-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-activemodel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-mongo-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-auth-remote-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0582\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"graphviz-2.26.0-10.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"graphviz-debuginfo-2.26.0-10.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"graphviz-devel-2.26.0-10.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"graphviz-doc-2.26.0-10.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"graphviz-gd-2.26.0-10.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"graphviz-ruby-2.26.0-10.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-console-0.0.16-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-broker-1.0.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-broker-util-1.0.15-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-cron-1.4-1.0.3-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-diy-0.1-1.0.3-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-haproxy-1.4-1.0.4-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-jbosseap-6.0-1.0.4-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-jbossews-1.0-1.0.13-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-jenkins-1.4-1.0.2-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-jenkins-client-1.4-1.0.2-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-mysql-5.1-1.0.5-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-perl-5.10-1.0.3-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-php-5.3-1.0.5-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-postgresql-8.4-1.0.3-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-ruby-1.8-1.0.7-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-cartridge-ruby-1.9-scl-1.0.8-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-msg-node-mcollective-1.0.3-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-bcmath-5.3.3-22.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-debuginfo-5.3.3-22.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-devel-5.3.3-22.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-imap-5.3.3-22.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mbstring-5.3.3-22.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-process-5.3.3-22.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-debuginfo-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-devel-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-doc-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-ruby-irb-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-libs-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-tcltk-1.9.3.327-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-actionpack-3.2.8-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-actionpack-doc-3.2.8-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-activemodel-3.2.8-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-activemodel-doc-3.2.8-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-activerecord-3.2.8-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-activerecord-doc-3.2.8-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-bigdecimal-1.1.0-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-io-console-0.3-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-json-1.5.4-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-minitest-2.5.1-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-railties-3.2.8-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-railties-doc-3.2.8-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-rake-0.9.2.2-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-rdoc-3.9.4-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-ruby_parser-2.3.1-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-ruby_parser-doc-2.3.1-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygems-1.8.23-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygems-devel-1.8.23-25.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-actionpack-3.0.13-4.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-activemodel-3.0.13-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-activemodel-doc-3.0.13-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-activerecord-3.0.13-5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-bson-1.8.1-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-mongo-1.8.1-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-mongo-doc-1.8.1-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-openshift-origin-auth-remote-user-1.0.5-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-openshift-origin-console-1.0.10-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-openshift-origin-console-doc-1.0.10-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-openshift-origin-controller-1.0.12-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-openshift-origin-node-1.0.11-1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-ruby_parser-2.0.4-6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-ruby_parser-doc-2.0.4-6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz / graphviz-debuginfo / graphviz-devel / graphviz-doc / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T17:19:19", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2620-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nFebruary 12, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : rails\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-0276 CVE-2013-0277\n\nTwo vulnerabilities were discovered in Ruby on Rails, a Ruby framework\nfor web application development.\n\nCVE-2013-0276\n\tThe blacklist provided by the attr_protected method could be\n\tbypassed with crafted requests, having an application-specific\n\timpact.\n\nCVE-2013-0277\n\tIn some applications, the +serialize+ helper in ActiveRecord\n\tcould be tricked into deserializing arbitrary YAML data,\n\tpossibly leading to remote code execution.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 2.3.5-1.2+squeeze7.\n\nWe recommend that you upgrade your rails packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-02-12T21:09:50", "type": "debian", "title": "[SECURITY] [DSA 2620-1] rails security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276", "CVE-2013-0277"], "modified": "2013-02-12T21:09:50", "id": "DEBIAN:DSA-2620-1:C2977", "href": "https://lists.debian.org/debian-security-announce/2013/msg00025.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:38:08", "description": "Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework\nfor web application development.\n\nCVE-2013-0276\nThe blacklist provided by the attr_protected method could be\nbypassed with crafted requests, having an application-specific\nimpact.\n\nCVE-2013-0277\nIn some applications, the +serialize+ helper in ActiveRecord\ncould be tricked into deserializing arbitrary YAML data,\npossibly leading to remote code execution.", "cvss3": {}, "published": "2013-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0277"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892620", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892620", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2620.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2620-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892620\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-0276\", \"CVE-2013-0277\");\n script_name(\"Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-12 00:00:00 +0100 (Tue, 12 Feb 2013)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2620.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"rails on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), these problems have been fixed\nin version 2.3.5-1.2+squeeze7.\n\nWe recommend that you upgrade your rails packages.\");\n script_tag(name:\"summary\", value:\"Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework\nfor web application development.\n\nCVE-2013-0276\nThe blacklist provided by the attr_protected method could be\nbypassed with crafted requests, having an application-specific\nimpact.\n\nCVE-2013-0277\nIn some applications, the +serialize+ helper in ActiveRecord\ncould be tricked into deserializing arbitrary YAML data,\npossibly leading to remote code execution.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libactionmailer-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactionmailer-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactionpack-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactionpack-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactiverecord-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactiverecord-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactiverecord-ruby1.9.1\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactiveresource-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactiveresource-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactivesupport-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactivesupport-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libactivesupport-ruby1.9.1\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"rails\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"rails-doc\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"rails-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:38", "description": "Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework\nfor web application development.\n\nCVE-2013-0276 \nThe blacklist provided by the attr_protected method could be\nbypassed with crafted requests, having an application-specific\nimpact.\n\nCVE-2013-0277 \nIn some applications, the +serialize+ helper in ActiveRecord\ncould be tricked into deserializing arbitrary YAML data,\npossibly leading to remote code execution.", "cvss3": {}, "published": "2013-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0277"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892620", "href": "http://plugins.openvas.org/nasl.php?oid=892620", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2620.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2620-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rails on Debian Linux\";\ntag_insight = \"Rails is a full-stack, open-source web framework in Ruby for writing\nreal-world applications.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed\nin version 2.3.5-1.2+squeeze7.\n\nWe recommend that you upgrade your rails packages.\";\ntag_summary = \"Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework\nfor web application development.\n\nCVE-2013-0276 \nThe blacklist provided by the attr_protected method could be\nbypassed with crafted requests, having an application-specific\nimpact.\n\nCVE-2013-0277 \nIn some applications, the +serialize+ helper in ActiveRecord\ncould be tricked into deserializing arbitrary YAML data,\npossibly leading to remote code execution.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892620);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-0276\", \"CVE-2013-0277\");\n script_name(\"Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-02-12 00:00:00 +0100 (Tue, 12 Feb 2013)\");\n script_tag(name: \"cvss_base\", value:\"10.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2620.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libactionmailer-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactionmailer-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactionpack-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactionpack-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactiverecord-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactiverecord-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactiverecord-ruby1.9.1\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactiveresource-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactiveresource-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactivesupport-ruby\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactivesupport-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libactivesupport-ruby1.9.1\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rails\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rails-doc\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rails-ruby1.8\", ver:\"2.3.5-1.2+squeeze7\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:08:54", "description": "Check for the Version of rubygem-activemodel", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activemodel FEDORA-2013-2398", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:865364", "href": "http://plugins.openvas.org/nasl.php?oid=865364", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activemodel FEDORA-2013-2398\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-activemodel on Fedora 18\";\ntag_insight = \"Rich support for attributes, callbacks, validations, observers,\n serialization, internationalization, and testing. It provides a known\n set of interfaces for usage in model classes. It also helps building\n custom ORMs for use outside of the Rails framework.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099035.html\");\n script_id(865364);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 09:58:30 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0276\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-2398\");\n script_name(\"Fedora Update for rubygem-activemodel FEDORA-2013-2398\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-activemodel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activemodel\", rpm:\"rubygem-activemodel~3.2.8~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activemodel FEDORA-2013-2398", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865364", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865364", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activemodel FEDORA-2013-2398\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865364\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 09:58:30 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0276\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-2398\");\n script_name(\"Fedora Update for rubygem-activemodel FEDORA-2013-2398\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activemodel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"rubygem-activemodel on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activemodel\", rpm:\"rubygem-activemodel~3.2.8~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:27", "description": "This host is running Apple Mac OS X and\n is prone to buffer overflow vulnerability.", "cvss3": {}, "published": "2014-01-20T00:00:00", "type": "openvas", "title": "Apple Mac OS X Directory Service Remote Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1854", "CVE-2013-0276", "CVE-2013-1856", "CVE-2013-0984", "CVE-2013-1855", "CVE-2013-0277", "CVE-2013-0155", "CVE-2013-0333", "CVE-2013-1857"], "modified": "2019-05-03T00:00:00", "id": "OPENVAS:1361412562310804062", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804062", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_macosx_bof_vuln_jan14.nasl 30092 2014-01-20 20:19:58Z Jan$\n#\n# Apple Mac OS X Directory Service Remote Buffer Overflow Vulnerability\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804062\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2013-0984\", \"CVE-2013-0155\", \"CVE-2013-0276\", \"CVE-2013-0277\",\n \"CVE-2013-0333\", \"CVE-2013-1854\", \"CVE-2013-1855\", \"CVE-2013-1856\",\n \"CVE-2013-1857\");\n script_bugtraq_id(60328);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-01-20 20:19:58 +0530 (Mon, 20 Jan 2014)\");\n script_name(\"Apple Mac OS X Directory Service Remote Buffer Overflow Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to buffer overflow vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to improper\n handling of network messages and multiple errors in ruby on rails.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to, execute arbitrary code or cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X version 10.6.8\");\n\n script_tag(name:\"solution\", value:\"Apply the Mac Security Update 2013-002. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5784\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.6\\.8\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"ssh_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName || \"Mac OS X\" >!< osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(osVer == \"10.6.8\")\n{\n buildVer = get_kb_item(\"ssh/login/osx_build\");\n if(!buildVer){\n exit(0);\n }\n\n if(version_is_less(version:buildVer, test_version:\"10K1115\"))\n {\n osVer = osVer + \" Build \" + buildVer;\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"Apply security update 2013-002 from vendor\");\n security_message(data:report);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activemodel FEDORA-2013-2391", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0156", "CVE-2013-0155"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865378", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865378", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activemodel FEDORA-2013-2391\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099036.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865378\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 09:59:54 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0276\", \"CVE-2013-0155\", \"CVE-2013-0156\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-2391\");\n script_name(\"Fedora Update for rubygem-activemodel FEDORA-2013-2391\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activemodel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"rubygem-activemodel on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activemodel\", rpm:\"rubygem-activemodel~3.0.11~3.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:51:37", "description": "Check for the Version of rubygem-activemodel", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activemodel FEDORA-2013-2391", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0156", "CVE-2013-0155"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:865378", "href": "http://plugins.openvas.org/nasl.php?oid=865378", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activemodel FEDORA-2013-2391\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-activemodel on Fedora 17\";\ntag_insight = \"Rich support for attributes, callbacks, validations, observers,\n serialization, internationalization, and testing. It provides a known\n set of interfaces for usage in model classes. It also helps building\n custom ORMs for use outside of the Rails framework.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099036.html\");\n script_id(865378);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 09:59:54 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0276\", \"CVE-2013-0155\", \"CVE-2013-0156\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-2391\");\n script_name(\"Fedora Update for rubygem-activemodel FEDORA-2013-2391\");\n\n script_summary(\"Check for the Version of rubygem-activemodel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activemodel\", rpm:\"rubygem-activemodel~3.0.11~3.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activerecord FEDORA-2013-2351", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2695", "CVE-2012-6496", "CVE-2012-2661", "CVE-2013-0277", "CVE-2013-0155"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865365", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865365", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activerecord FEDORA-2013-2351\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099026.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865365\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 09:58:32 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0277\", \"CVE-2013-0155\", \"CVE-2012-6496\", \"CVE-2012-2695\", \"CVE-2012-2661\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2013-2351\");\n script_name(\"Fedora Update for rubygem-activerecord FEDORA-2013-2351\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activerecord'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"rubygem-activerecord on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activerecord\", rpm:\"rubygem-activerecord~3.0.11~6.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-26T11:10:09", "description": "Check for the Version of rubygem-activerecord", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activerecord FEDORA-2013-2351", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2695", "CVE-2012-6496", "CVE-2012-2661", "CVE-2013-0277", "CVE-2013-0155"], "modified": "2018-01-26T00:00:00", "id": "OPENVAS:865365", "href": "http://plugins.openvas.org/nasl.php?oid=865365", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activerecord FEDORA-2013-2351\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-activerecord on Fedora 17\";\ntag_insight = \"Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database\n tables and classes together for business objects, like Customer or\n Subscription, that can find, save, and destroy themselves without resorting to\n manual SQL.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099026.html\");\n script_id(865365);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 09:58:32 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0277\", \"CVE-2013-0155\", \"CVE-2012-6496\", \"CVE-2012-2695\", \"CVE-2012-2661\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2013-2351\");\n script_name(\"Fedora Update for rubygem-activerecord FEDORA-2013-2351\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-activerecord\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activerecord\", rpm:\"rubygem-activerecord~3.0.11~6.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:12", "description": "Gentoo Linux Local Security Checks GLSA 201412-28", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-28", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1854", "CVE-2013-0276", "CVE-2011-0449", "CVE-2011-2932", "CVE-2013-0156", "CVE-2013-1856", "CVE-2013-1855", "CVE-2011-0448", "CVE-2011-3186", "CVE-2011-2929", "CVE-2013-0277", "CVE-2010-3933", "CVE-2013-0155", "CVE-2011-2931", "CVE-2011-2930", "CVE-2013-0333", "CVE-2011-0446", "CVE-2013-1857", "CVE-2011-0447"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121314", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121314", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-28.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121314\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:16 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-28\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Ruby on Rails. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-28\");\n script_cve_id(\"CVE-2010-3933\", \"CVE-2011-0446\", \"CVE-2011-0447\", \"CVE-2011-0448\", \"CVE-2011-0449\", \"CVE-2011-2929\", \"CVE-2011-2930\", \"CVE-2011-2931\", \"CVE-2011-2932\", \"CVE-2011-3186\", \"CVE-2013-0155\", \"CVE-2013-0156\", \"CVE-2013-0276\", \"CVE-2013-0277\", \"CVE-2013-0333\", \"CVE-2013-1854\", \"CVE-2013-1855\", \"CVE-2013-1856\", \"CVE-2013-1857\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-28\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-ruby/rails\", unaffected: make_list(\"ge 2.3.18\"), vulnerable: make_list(\"lt 2.3.18\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T23:01:19", "description": "Web app framework Ruby on Rails patched two security flaws this week in the open source framework that could have led to denial of service attacks and remote execution vulnerabilities.\n\nWith builds 3.2.12, 3.1.11 and 2.3.17, the framework fixed a serialized attributes YAML vulnerability ([CVE-2013-0277](<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KtmwSbEpzrU>)) that could have let developers give users access to the +serialize+ helper in ActiveRecord. From there an attacker could have used a specially crafted request to trick the function into deserializing arbitrary YAML data, potentially leading to remote code execution.\n\nThe update also fixes another problem ([CVE-2013-0276](<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8>)) in the framework\u2019s ActiveRecord function, this one with its attr_protected method. Attackers could have bypassed the protection and alter values that were meant to be protected, according to an alert issued by Ruby on Rails contributer Aaron Patterson on Monday.\n\nUsers of the framework are encouraged to apply the new patches \u2013 available [here](<http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/>) \u2013 and when it comes to the second vulnerability, are advised to replace the attr_protected whitelist with the attr_accessible whitelist, which isn\u2019t vulnerable\n\nA [post on Ruby on Rails\u2019 blog](<http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/>) notes that a new JavaScript Object Notation (JSON) gem was also released this week. That gem contains a security fix for a flaw ([CVE-2013-0269](<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_YvCpLzL58>)) could\u2019ve allowed denial of service attacks and \u201cbe used as a spring board\u201d for SQL injection attacks, according to a subsequent alert.\n\nIt was only two weeks ago that Ruby on Rails patched [its last JSON vulnerability](<https://threatpost.com/some-versions-ruby-rails-vulnerable-new-parsing-attack-012913/>), a problem that stemmed from the way the function parsed YAML code.\n", "cvss3": {}, "published": "2013-02-13T17:51:57", "type": "threatpost", "title": "Ruby on Rails Patches DoS, Remote Execution Flaws", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2013-0276", "CVE-2013-0277"], "modified": "2013-05-13T17:28:13", "id": "THREATPOST:4578050E70C81D137F2430D701799EDA", "href": "https://threatpost.com/ruby-rails-patches-dos-remote-execution-flaws-021313/77525/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "cvss3": {}, "published": "2013-02-18T00:00:00", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-4969", "CVE-2013-0276", "CVE-2012-6446", "CVE-2013-0277", "CVE-2012-6445"], "modified": "2013-02-18T00:00:00", "id": "SECURITYVULNS:VULN:12899", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12899", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:08", "description": "Information leakage, memory corruption on graphics and video formats parsing, privilege escalation, different libraries vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2013-06-17T00:00:00", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-0989", "CVE-2013-0975", "CVE-2013-1854", "CVE-2013-0276", "CVE-2013-0982", "CVE-2013-1856", "CVE-2013-0984", "CVE-2013-1855", "CVE-2013-0983", "CVE-2013-0985", "CVE-2012-5519", "CVE-2012-4929", "CVE-2013-0986", "CVE-2013-0990", "CVE-2013-0277", "CVE-2013-0155", "CVE-2013-0987", "CVE-2013-0333", "CVE-2013-1857", "CVE-2013-0988", "CVE-2013-1024"], "modified": "2013-06-17T00:00:00", "id": "SECURITYVULNS:VULN:13126", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13126", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:48", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update\r\n2013-002\r\n\r\nOS X Mountain Lion v10.8.4 and Security Update 2013-002 is now\r\navailable and addresses the following:\r\n\r\nCFNetwork\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.3\r\nImpact: An attacker with access to a user's session may be able to\r\nlog into previously accessed sites, even if Private Browsing was used\r\nDescription: Permanent cookies were saved after quitting Safari,\r\neven when Private Browsing was enabled. This issue was addressed by\r\nimproved handling of cookies.\r\nCVE-ID\r\nCVE-2013-0982 : Alexander Traud of www.traud.de\r\n\r\nCoreAnimation\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Visiting a maliciously crafted site may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An unbounded stack allocation issue existed in the\r\nhandling of text glyphs. This could be triggered by maliciously\r\ncrafted URLs in Safari. The issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2013-0983 : David Fifield of Stanford University, Ben Syverson\r\n\r\nCoreMedia Playback\r\nAvailable for: OS X Lion v10.7 to v10.7.5,\r\nOS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access issue existed in the\r\nhandling of text tracks. This issue was addressed by additional\r\nvalidation of text tracks.\r\nCVE-ID\r\nCVE-2013-1024 : Richard Kuo and Billy Suguitan of Triemt Corporation\r\n\r\nCUPS\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.3\r\nImpact: A local user in the lpadmin group may be able to read or\r\nwrite arbitrary files with system privileges\r\nDescription: A privilege escalation issue existed in the handling of\r\nCUPS configuration via the CUPS web interface. A local user in the\r\nlpadmin group may be able to read or write arbitrary files with\r\nsystem privileges. This issue was addressed by moving certain\r\nconfiguration directives to cups-files.conf, which can not be\r\nmodified from the CUPS web interface.\r\nCVE-ID\r\nCVE-2012-5519\r\n\r\nDirectory Service\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8\r\nImpact: A remote attacker may execute arbitrary code with system\r\nprivileges on systems with Directory Service enabled\r\nDescription: An issue existed in the directory server's handling of\r\nmessages from the network. By sending a maliciously crafted message,\r\na remote attacker could cause the directory server to terminate or\r\nexecute arbitrary code with system privileges. This issue was\r\naddressed through improved bounds checking. This issue does not\r\naffect OS X Lion or OS X Mountain Lion systems.\r\nCVE-ID\r\nCVE-2013-0984 : Nicolas Economou of Core Security\r\n\r\nDisk Management\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.3\r\nImpact: A local user may disable FileVault\r\nDescription: A local user who is not an administrator may disable\r\nFileVault using the command-line. This issue was addressed by adding\r\nadditional authentication.\r\nCVE-ID\r\nCVE-2013-0985\r\n\r\nOpenSSL\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There were known attacks on the confidentiality of TLS\r\n1.0 when compression was enabled. This issue was addressed by\r\ndisabling compression in OpenSSL.\r\nCVE-ID\r\nCVE-2012-4929 : Juliano Rizzo and Thai Duong\r\n\r\nOpenSSL\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: OpenSSL was updated to version 0.9.8x to address\r\nmultiple vulnerabilities, which may lead to denial of service or\r\ndisclosure of a private key. Further information is available via the\r\nOpenSSL website at http://www.openssl.org/news/\r\nCVE-ID\r\nCVE-2011-1945\r\nCVE-2011-3207\r\nCVE-2011-3210\r\nCVE-2011-4108\r\nCVE-2011-4109\r\nCVE-2011-4576\r\nCVE-2011-4577\r\nCVE-2011-4619\r\nCVE-2012-0050\r\nCVE-2012-2110\r\nCVE-2012-2131\r\nCVE-2012-2333\r\n\r\nQuickDraw Manager\r\nAvailable for: OS X Lion v10.7 to v10.7.5,\r\nOS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.2\r\nImpact: Opening a maliciously crafted PICT image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of PICT\r\nimages. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2013-0975 : Tobias Klein working with HP's Zero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of 'enof'\r\natoms. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2013-0986 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)\r\nworking with HP's Zero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Viewing a maliciously crafted QTIF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nQTIF files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2013-0987 : roob working with iDefense VCP\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Viewing a maliciously crafted FPX file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of FPX files.\r\nThis issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2013-0988 : G. Geshev working with HP's Zero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.3\r\nImpact: Playing a maliciously crafted MP3 file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of MP3 files.\r\nThis issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2013-0989 : G. Geshev working with HP's Zero Day Initiative\r\n\r\nRuby\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8\r\nImpact: Multiple vulnerabilities in Ruby on Rails\r\nDescription: Multiple vulnerabilities existed in Ruby on Rails, the\r\nmost serious of which may lead to arbitrary code execution on systems\r\nrunning Ruby on Rails applications. These issues were addressed by\r\nupdating Ruby on Rails to version 2.3.18. This issue may affect OS X\r\nLion or OS X Mountain Lion systems that were upgraded from Mac OS X\r\n10.6.8 or earlier. Users can update affected gems on such systems by\r\nusing the /usr/bin/gem utility.\r\nCVE-ID\r\nCVE-2013-0155\r\nCVE-2013-0276\r\nCVE-2013-0277\r\nCVE-2013-0333\r\nCVE-2013-1854\r\nCVE-2013-1855\r\nCVE-2013-1856\r\nCVE-2013-1857\r\n\r\nSMB\r\nAvailable for: OS X Lion v10.7 to v10.7.5,\r\nOS X Lion Server v10.7 to v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.3\r\nImpact: An authenticated user may be able to write files outside the\r\nshared directory\r\nDescription: If SMB file sharing is enabled, an authenticated user\r\nmay be able to write files outside the shared directory. This issue\r\nwas addressed through improved access control.\r\nCVE-ID\r\nCVE-2013-0990 : Ward van Wanrooij\r\n\r\nNote: Starting with OS X 10.8.4, Java Web Start (i.e. JNLP)\r\napplications downloaded from the Internet need to be signed with\r\na Developer ID certificate. Gatekeeper will check downloaded\r\nJava Web Start applications for a signature and block such\r\napplications from launching if they are not properly signed.\r\n\r\nNote: OS X Mountain Lion v10.8.4 includes the content of\r\nSafari 6.0.5. For further details see "About the security content\r\nof Safari 6.0.5" at http://http//support.apple.com/kb/HT5785\r\n\r\nOS X Mountain Lion v10.8.4 and Security Update 2013-002 may be\r\nobtained from the Software Update pane in System Preferences,\r\nor Apple's Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nOS X Mountain Lion v10.8.4, or Security Update\r\n2013-002.\r\n\r\nFor OS X Mountain Lion v10.8.3\r\nThe download file is named: OSXUpd10.8.4.dmg\r\nIts SHA-1 digest is: 9cf99aa1293cefdac0fb9a24ea133c80f8237b5e\r\n\r\nFor OS X Mountain Lion v10.8 and v10.8.2\r\nThe download file is named: OSXUpdCombo10.8.4.dmg\r\nIts SHA-1 digest is: 3c95d0c8d0c7f43339a5f4e137e386dd5fe409c3\r\n\r\nFor OS X Lion v10.7.5\r\nThe download file is named: SecUpd2013-002.dmg\r\nIts SHA-1 digest is: cfc3bd0941d7c5838aee9e92ee087d78abff3ce7\r\n\r\nFor OS X Lion Server v10.7.5\r\nThe download file is named: SecUpdSrvr2013-002.dmg\r\nIts SHA-1 digest is: 34dff575a145e13404e7a2ee8a390d3e7c56fb5e\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2013-002.dmg\r\nIts SHA-1 digest is: 5da54b38ffb8c147925c3018a8f5bf30ad4ac5b1\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2013-002.dmg\r\nIts SHA-1 digest is: b20271f019930fe894c2247a6d5e05f00568b583\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJRrjkiAAoJEPefwLHPlZEwW+AP/0x/cHS3VPY0/a98Xpmdfkdb\r\neo9Ns5FKw6mIkUftrN6qwNAgFXWqQXNIbJ3q8ZnoxcFPakhYyPSp4XowpR79l7kG\r\nB2ZrdTx9aIn2bfHZ+h4cE8XnVL8qUDz2RxFopOGbb+wpJxl8/fehDmWokC5wCeF5\r\nN7mnwW2s37QL73BmAMRdi6CYcJCKwhZWGFWmqiNvpFlUP+kcjU/UM1MAzOu0xsiA\r\nPD6NrWeUOWfFrcQgx/pspWGvrFyV4FLu+0wQBl9f/DiQNrwVXIr85rHtah+b1NCU\r\npteSxQwb4kRojXdPm4+I3LKoghzGR8xD6+Xl6KdYgReSW89Di4bKM3WpbRLqhRuq\r\n8kv38Gk3/vZDfAnuNQX09dE6EgJ0DVu86SoRQZ1iYRQoLrizVsOvyVQUojZhT47t\r\n6l44L/5cNJd7EcaC8hdmr44cCZdMPDEqoKzn2BavH62WYXbZMPlHBDo/H2ujUUec\r\ni7XU7LA1Upw57X4wmIUU4QrlBhNBh39yRKh3katAklayFBjOMEyyL57gURvd6O77\r\ngFOQpUQ6kgqwgQCrtNT6R96igfyu7cVxYW7XchZDHgA3n/YWOAVvXkVeeQ5OUGzC\r\nO0UYLMBpPka31yfWP23QaXpV+LW462raI6LnMvRP1245RhokTTThZw6/9xochK2V\r\n+VoeoamqaQqZGyOiObbU\r\n=vG2v\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2013-06-17T00:00:00", "title": "APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2013-0989", "CVE-2012-2333", "CVE-2013-0975", "CVE-2012-2131", "CVE-2013-1854", "CVE-2011-4108", "CVE-2013-0276", "CVE-2013-0982", "CVE-2011-4576", "CVE-2013-1856", "CVE-2013-0984", "CVE-2011-4577", "CVE-2013-1855", "CVE-2013-0983", "CVE-2011-4619", "CVE-2013-0985", "CVE-2012-5519", "CVE-2012-4929", "CVE-2013-0986", "CVE-2012-0050", "CVE-2013-0990", "CVE-2013-0277", "CVE-2013-0155", "CVE-2012-2110", "CVE-2013-0987", "CVE-2011-3207", "CVE-2013-0333", "CVE-2013-1857", "CVE-2013-0988", "CVE-2011-4109", "CVE-2011-1945", "CVE-2013-1024"], "modified": "2013-06-17T00:00:00", "id": "SECURITYVULNS:DOC:29464", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29464", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debiancve": [{"lastseen": "2022-05-02T07:34:12", "description": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.", "cvss3": {}, "published": "2013-02-13T01:55:00", "type": "debiancve", "title": "CVE-2013-0276", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2013-02-13T01:55:00", "id": "DEBIANCVE:CVE-2013-0276", "href": "https://security-tracker.debian.org/tracker/CVE-2013-0276", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-02T07:34:12", "description": "ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.", "cvss3": {}, "published": "2013-02-13T01:55:00", "type": "debiancve", "title": "CVE-2013-0277", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0277"], "modified": "2013-02-13T01:55:00", "id": "DEBIANCVE:CVE-2013-0277", "href": "https://security-tracker.debian.org/tracker/CVE-2013-0277", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:33", "description": "\n\nAaron Patterson reports:\n\nThe attr_protected method allows developers to specify a blacklist\n\t of model attributes which users should not be allowed to assign to.\n\t By using a specially crafted request, attackers could circumvent\n\t this protection and alter values that were meant to be protected.\nAll users running an affected release should either upgrade or use\n\t one of the work arounds immediately. Users should also consider\n\t switching from attr_protected to the whitelist method\n\t attr_accessible which is not vulnerable to this attack.\n\n\n", "cvss3": {}, "published": "2013-02-11T00:00:00", "type": "freebsd", "title": "Ruby Activemodel Gem -- Circumvention of attr_protected", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2013-02-11T00:00:00", "id": "BEAB40BF-C1CA-4D2B-AD46-2F14BAC8A968", "href": "https://vuxml.freebsd.org/freebsd/beab40bf-c1ca-4d2b-ad46-2f14bac8a968.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "description": "Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework. ", "edition": 2, "cvss3": {}, "published": "2013-02-21T05:37:58", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: rubygem-activemodel-3.2.8-2.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2013-02-21T05:37:58", "id": "FEDORA:C3FBF20AD7", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework. ", "edition": 2, "cvss3": {}, "published": "2013-02-21T05:38:11", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: rubygem-activemodel-3.0.11-3.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0155", "CVE-2013-0156", "CVE-2013-0276"], "modified": "2013-02-21T05:38:11", "id": "FEDORA:6035420AD7", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. ", "edition": 2, "cvss3": {}, "published": "2013-02-21T05:33:12", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-6.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2661", "CVE-2012-2695", "CVE-2012-6496", "CVE-2013-0155", "CVE-2013-0277"], "modified": "2013-02-21T05:33:12", "id": "FEDORA:A683320E82", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:54:02", "description": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x\nbefore 3.2.12 allows remote attackers to bypass the attr_protected\nprotection mechanism and modify protected model attributes via a crafted\nrequest.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | in Oneiric+, rails package is just for transition\n", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "ubuntucve", "title": "CVE-2013-0276", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2013-02-13T00:00:00", "id": "UB:CVE-2013-0276", "href": "https://ubuntu.com/security/CVE-2013-0276", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:54:02", "description": "ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows\nremote attackers to cause a denial of service or execute arbitrary code via\ncrafted serialized attributes that cause the +serialize+ helper to\ndeserialize arbitrary YAML.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | in Oneiric+, rails package is just for transition\n", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "ubuntucve", "title": "CVE-2013-0277", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0277"], "modified": "2013-02-13T00:00:00", "id": "UB:CVE-2013-0277", "href": "https://ubuntu.com/security/CVE-2013-0277", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T17:46:17", "description": "BUGTRAQ ID: 57896\r\nCVE(CAN) ID: CVE-2013-0276\r\n\r\nRuby on Rails\u7b80\u79f0RoR\u6216Rails\uff0c\u662f\u4e00\u4e2a\u4f7f\u7528Ruby\u8bed\u8a00\u5199\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\uff0c\u5b83\u662f\u4e25\u683c\u6309\u7167MVC\u7ed3\u6784\u5f00\u53d1\u7684\u3002\r\n\r\nRuby on Rails 3.2.12, 3.1.11, 2.3.17\u4e4b\u524d\u7248\u672c\u5728ActiveRecord\u7684 "attr_protected" \u65b9\u6cd5\u4e2d\u5b58\u5728\u9519\u8bef\uff0c\u6ca1\u6709\u6b63\u786e\u9650\u5236\u8bbf\u95ee\u6a21\u5757\u5c5e\u6027\u7684\u9ed1\u540d\u5355\uff0c\u901a\u8fc7\u7279\u5236\u7684\u8bf7\u6c42\uff0c\u53ef\u5bfc\u81f4\u975e\u6cd5\u4fee\u6539\u67d0\u4e9b\u503c\u3002\r\n0\r\nRuby on Rails 3.2.x\r\nRuby on Rails 3.1.x\r\nRuby on Rails 2.3.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRuby on Rails\r\n-------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.rubyonrails.com/", "cvss3": {}, "published": "2013-03-07T00:00:00", "title": "Ruby on Rails \u8fdc\u7a0b\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e(CVE-2013-0276)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-0276"], "modified": "2013-03-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60662", "id": "SSV:60662", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T17:46:15", "description": "BUGTRAQ ID: 57898\r\nCVE(CAN) ID: CVE-2013-0277\r\n\r\nRuby on Rails\u7b80\u79f0RoR\u6216Rails\uff0c\u662f\u4e00\u4e2a\u4f7f\u7528Ruby\u8bed\u8a00\u5199\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\uff0c\u5b83\u662f\u4e25\u683c\u6309\u7167MVC\u7ed3\u6784\u5f00\u53d1\u7684\u3002\r\n\r\nRuby on Rails 3.x\u30012.3.x\u4e2d\u7684\u6d3b\u52a8\u8bb0\u5f55\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u5e8f\u5217\u5316\u5c5e\u6027\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u8fd9\u4e9b\u7279\u5236\u7684\u5c5e\u6027\u53ef\u9020\u6210+serialize+ helper\u53cd\u5e8f\u5217\u5316\u4efb\u610fYAML\u3002\r\n0\r\nRuby on Rails 3.2.x\r\nRuby on Rails 3.1.x\r\nRuby on Rails 2.3.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRuby on Rails\r\n-------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.rubyonrails.com/", "cvss3": {}, "published": "2013-03-07T00:00:00", "title": "Ruby on Rails \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e(CVE-2013-0277)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-0277"], "modified": "2013-03-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60663", "id": "SSV:60663", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2022-03-23T11:53:25", "description": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.", "cvss3": {}, "published": "2013-02-13T01:55:00", "type": "cve", "title": "CVE-2013-0276", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2019-08-08T15:42:00", "cpe": ["cpe:/a:rubyonrails:rails:3.1.8", "cpe:/a:rubyonrails:rails:3.1.3", "cpe:/a:rubyonrails:rails:3.2.0", "cpe:/a:rubyonrails:rails:3.1.9", "cpe:/a:rubyonrails:rails:3.2.4", "cpe:/a:rubyonrails:rails:3.1.2", "cpe:/a:rubyonrails:rails:3.1.4", "cpe:/a:rubyonrails:rails:3.2.7", "cpe:/a:rubyonrails:rails:3.1.10", "cpe:/a:rubyonrails:rails:3.2.6", "cpe:/a:rubyonrails:rails:3.2.5", "cpe:/a:rubyonrails:rails:2.3.11", "cpe:/a:rubyonrails:rails:3.2.11", "cpe:/a:rubyonrails:rails:3.2.2", "cpe:/a:rubyonrails:rails:2.3.15", "cpe:/a:rubyonrails:rails:2.3.3", "cpe:/a:rubyonrails:rails:3.2.9", "cpe:/a:rubyonrails:rails:2.3.16", "cpe:/a:rubyonrails:rails:3.1.7", "cpe:/a:rubyonrails:rails:2.3.1", "cpe:/a:rubyonrails:rails:2.3.12", "cpe:/a:rubyonrails:rails:3.1.0", "cpe:/a:rubyonrails:rails:2.3.14", "cpe:/a:rubyonrails:rails:2.3.2", "cpe:/a:rubyonrails:rails:3.2.1", "cpe:/a:rubyonrails:rails:2.3.4", "cpe:/a:rubyonrails:rails:2.3.10", "cpe:/a:rubyonrails:rails:3.1.1", "cpe:/a:rubyonrails:rails:2.3.0", "cpe:/a:rubyonrails:rails:2.3.13", "cpe:/a:rubyonrails:rails:3.2.3", "cpe:/a:rubyonrails:rails:2.3.9", "cpe:/a:rubyonrails:rails:3.2.10", "cpe:/a:rubyonrails:rails:3.2.8", "cpe:/a:rubyonrails:rails:3.1.6", "cpe:/a:rubyonrails:rails:3.1.5"], "id": "CVE-2013-0276", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0276", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:53:25", "description": "ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.", "cvss3": {}, "published": "2013-02-13T01:55:00", "type": "cve", "title": "CVE-2013-0277", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0277"], "modified": "2019-08-08T15:42:00", "cpe": ["cpe:/a:rubyonrails:rails:3.0.5", "cpe:/a:rubyonrails:rails:3.0.13", "cpe:/a:rubyonrails:rails:3.0.0", "cpe:/a:rubyonrails:rails:2.3.11", "cpe:/a:rubyonrails:rails:3.0.7", "cpe:/a:rubyonrails:ruby_on_rails:3.0.4", "cpe:/a:rubyonrails:rails:3.0.17", "cpe:/a:rubyonrails:rails:3.0.20", "cpe:/a:rubyonrails:rails:3.0.9", "cpe:/a:rubyonrails:rails:2.3.3", "cpe:/a:rubyonrails:rails:2.3.15", "cpe:/a:rubyonrails:rails:3.0.8", "cpe:/a:rubyonrails:rails:3.0.14", "cpe:/a:rubyonrails:rails:3.0.1", "cpe:/a:rubyonrails:rails:3.0.18", "cpe:/a:rubyonrails:rails:2.3.16", "cpe:/a:rubyonrails:rails:2.3.1", "cpe:/a:rubyonrails:rails:2.3.12", "cpe:/a:rubyonrails:rails:3.0.19", "cpe:/a:rubyonrails:rails:3.0.6", "cpe:/a:rubyonrails:rails:2.3.14", "cpe:/a:rubyonrails:rails:2.3.2", "cpe:/a:rubyonrails:rails:2.3.4", "cpe:/a:rubyonrails:rails:2.3.10", "cpe:/a:rubyonrails:rails:3.0.3", "cpe:/a:rubyonrails:rails:2.3.0", "cpe:/a:rubyonrails:rails:3.0.12", "cpe:/a:rubyonrails:rails:2.3.13", "cpe:/a:rubyonrails:rails:2.3.9", "cpe:/a:rubyonrails:rails:3.0.10", "cpe:/a:rubyonrails:rails:3.0.2", "cpe:/a:rubyonrails:rails:3.0.16", "cpe:/a:rubyonrails:rails:3.0.11", "cpe:/a:rubyonrails:rails:3.0.4"], "id": "CVE-2013-0277", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0277", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*"]}], "github": [{"lastseen": "2022-05-13T12:33:38", "description": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.", "cvss3": {}, "published": "2017-10-24T18:33:37", "type": "github", "title": "Moderate severity vulnerability that affects activerecord", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2021-09-13T12:44:07", "id": "GHSA-GR44-7GRC-37VQ", "href": "https://github.com/advisories/GHSA-gr44-7grc-37vq", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-13T12:33:38", "description": "ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.", "cvss3": {}, "published": "2017-10-24T18:33:37", "type": "github", "title": "Critical severity vulnerability that affects activerecord", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0277"], "modified": "2021-12-02T22:36:52", "id": "GHSA-FHJ9-CJJH-27VM", "href": "https://github.com/advisories/GHSA-fhj9-cjjh-27vm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-05-18T05:35:22", "description": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.", "cvss3": {}, "published": "2017-10-24T18:33:37", "type": "osv", "title": "Moderate severity vulnerability that affects activerecord", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0276"], "modified": "2022-05-18T04:19:13", "id": "OSV:GHSA-GR44-7GRC-37VQ", "href": "https://osv.dev/vulnerability/GHSA-gr44-7grc-37vq", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-18T05:36:29", "description": "ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.", "cvss3": {}, "published": "2017-10-24T18:33:37", "type": "osv", "title": "Critical severity vulnerability that affects activerecord", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0277"], "modified": "2022-05-18T04:17:47", "id": "OSV:GHSA-FHJ9-CJJH-27VM", "href": "https://osv.dev/vulnerability/GHSA-fhj9-cjjh-27vm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:13:40", "description": "The Ruby on Rails stack has been updated to 2.3.17 to fix\n various security issues and bugs.\n\n The rails gems have been updated to fix:\n\n * Unsafe Query Generation Risk in Ruby on Rails\n (CVE-2013-0155)\n * Multiple vulnerabilities in parameter parsing in\n Action Pack (CVE-2013-0156)\n * activerecord: SQL Injection (CVE-2012-5664)\n * rails: Vulnerability in JSON Parser in Ruby on Rails\n 3.0 and 2.3 (CVE-2013-0333)\n * activerecord: Circumvention of attr_protected\n (CVE-2013-0276)\n * activerecord: Serialized Attributes YAML\n Vulnerability with Rails 2.3 and 3.0 (CVE-2013-0277)\n", "cvss3": {}, "published": "2013-03-19T18:04:46", "type": "suse", "title": "Security update for Ruby On Rails (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0156", "CVE-2013-0277", "CVE-2013-0155", "CVE-2013-0333", "CVE-2012-5664"], "modified": "2013-03-19T18:04:46", "id": "SUSE-SU-2013:0486-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00035.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:49:16", "description": "The Ruby on Rails stack has been updated to 2.3.17 to fix\n various security issues and bugs.\n\n The rails gems were updated to fix:\n\n * Unsafe Query Generation Risk in Ruby on Rails\n (CVE-2013-0155)\n * Multiple vulnerabilities in parameter parsing in\n Action Pack (CVE-2013-0156)\n * SQL Injection Vulnerability in Active Record\n (CVE-2012-5664)\n * rails: Vulnerability in JSON Parser in Ruby on Rails\n 3.0 and 2.3 (CVE-2013-0333)\n * activerecord: Circumvention of attr_protected\n (CVE-2013-0276)\n * activerecord: Serialized Attributes YAML\n Vulnerability with Rails 2.3 and 3.0 (CVE-2013-0277)\n", "cvss3": {}, "published": "2013-04-03T20:06:19", "type": "suse", "title": "Security update for Ruby on Rails (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-0276", "CVE-2013-0156", "CVE-2013-0277", "CVE-2013-0155", "CVE-2013-0333", "CVE-2012-5664"], "modified": "2013-04-03T20:06:19", "id": "SUSE-SU-2013:0606-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "rubygems": [{"lastseen": "2022-03-17T15:51:30", "description": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.", "cvss3": {}, "published": "2013-02-11T00:00:00", "type": "rubygems", "title": "CVE-2013-0276 rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2013-0276", "CVE-2013-0276"], "modified": "2013-02-11T00:00:00", "id": "RUBY:ACTIVERECORD-2013-0276-90072", "href": "https://rubysec.com/advisories/2013-0276/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-17T15:51:30", "description": "ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.", "cvss3": {}, "published": "2013-02-11T00:00:00", "type": "rubygems", "title": "CVE-2013-0277 rubygem-activerecord: Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2013-0277", "CVE-2013-0277"], "modified": "2013-02-11T00:00:00", "id": "RUBY:ACTIVERECORD-2013-0277-90073", "href": "https://rubysec.com/advisories/2013-0277/", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2021-10-19T20:36:52", "description": "Red Hat Subscription Asset Manager acts as a proxy for handling\nsubscription information and software updates on client machines.\n\nThe latest packages for Subscription Asset Manager include a number of security\nfixes:\n\nWhen a Subscription Asset Manager instance is created, its configuration\nscript automatically creates an RPM of the internal subscription service \nCA certificate. However, this RPM incorrectly created the CA certificate\nwith file permissions of 0666. This allowed other users on a client system\nto modify the CA certificate used to trust the remote subscription server.\nAll administrators are advised to update and deploy the subscription\nservice certificate on all systems which use Subscription Asset Manager\nas their subscription service. This procedure is described in:\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Subscription_Asset_Manager/1.2/html/Installation_Guide/sect-Installation_Guide-Administration-Upgrading_Subscription_Asset_Manager.html\n(CVE-2012-6116)\n\nManifest signature checking was not implemented for early versions of \nSubscription Asset Manager. This meant that a malicious user could edit\na manifest file, insert arbitrary data, and successfully upload the edited\nmanifest file into the Subscription Asset Manager server. (CVE-2012-6119)\n\nRuby's documentation generator had a flaw in the way it generated HTML\ndocumentation. When a Ruby application exposed its documentation\non a network (such as a web page), an attacker could use a specially-\ncrafted URL to open an arbitrary web script or to execute HTML code\nwithin the application's user session. (CVE-2013-0256)\n\nA timing attack flaw was found in the way rubygem-rack and\nruby193-rubygem-rack processed HMAC digests in cookies. This flaw could aid\nan attacker using forged digital signatures to bypass authentication\nchecks. (CVE-2013-0263)\n\nA flaw in rubygem-json allowed remote attacks by creating different types\nof malicious objects. For example, it could initiate a denial of service\n(DoS) attack through resource consumption by using a JSON document to\ncreate arbitrary Ruby symbols, which were never garbage collected. It\ncould also be exploited to create internal objects which could allow a SQL\ninjection attack. (CVE-2013-0269)\n\nA flaw in ActiveRecord in Ruby on Rails allowed remote attackers to\ncircumvent attribute protections and to insert their own crafted requests\nto change protected attribute values. (CVE-2013-0276)\n\nHTML markup was not properly escaped when filling in the username field in\nthe Notifications form of the Subscription Asset Manager UI. This meant\nthat HTML code used in the value was then applied in the UI page when the\nentry was viewed. This could have allowed malicious HTML code to be\nentered. The field value is now validated and any HTML tags are escaped.\n(CVE-2013-1823)\n\nThese updated packages also include bug fixes and enhancements:\n\n* Previously, no SELinux policy for the subscription service was included\nwith the Subscription Asset Manager packages. The candlepin-selinux package\nis now included with SELinux policies for the subscription server. \n(BZ#906901)\n\n* When attempting to use the subscription service's CA certificate to\nvalidate a manifest during import, the comparison failed. The upstream\nsubscription service which generated the manifest is a different service\nthan the local subscription service; thus, they have different CA\ncertificates. This caused importing a manifest to fail with the error\n'archive failed signature'. This has been fixed so that the proper\ncertificate is used for verification. (BZ#918778)\n\nAll users of Subscription Asset Manager are recommended to update to the\nlatest packages.\n", "cvss3": {}, "published": "2013-03-26T00:00:00", "type": "redhat", "title": "(RHSA-2013:0686) Moderate: Subscription Asset Manager 1.2.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6116", "CVE-2012-6119", "CVE-2013-0256", "CVE-2013-0263", "CVE-2013-0269", "CVE-2013-0276", "CVE-2013-1823"], "modified": "2018-06-07T05:01:03", "id": "RHSA-2013:0686", "href": "https://access.redhat.com/errata/RHSA-2013:0686", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:40:45", "description": "OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS)\nsolution from Red Hat, and is designed for on-premise or private cloud\ndeployments.\n\nInstalling the updated packages and restarting the OpenShift services are\nthe only requirements for this update. However, if you are updating your\nsystem to Red Hat Enterprise Linux 6.4 while applying OpenShift Enterprise\n1.1.1 updates, it is recommended that you restart your system.\n\nFor further information about this release, refer to the OpenShift\nEnterprise 1.1.1 Technical Notes, available shortly from\nhttps://access.redhat.com/knowledge/docs/\n\nThis update also fixes the following security issues:\n\nMultiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.\nA remote attacker could use these flaws to conduct XSS attacks against\nusers of an application using rubygem-actionpack. (CVE-2012-3463,\nCVE-2012-3464, CVE-2012-3465)\n\nIt was found that certain methods did not sanitize file names before\npassing them to lower layer routines in Ruby. If a Ruby application created\nfiles with names based on untrusted input, it could result in the creation\nof files with different names than expected. (CVE-2012-4522)\n\nA denial of service flaw was found in the implementation of associative\narrays (hashes) in Ruby. An attacker able to supply a large number of\ninputs to a Ruby application (such as HTTP POST request parameters sent to\na web application) that are used as keys when inserting data into an array\ncould trigger multiple hash function collisions, making array operations\ntake an excessive amount of CPU time. To mitigate this issue, a new, more\ncollision resistant algorithm has been used to reduce the chance of an\nattacker successfully causing intentional collisions. (CVE-2012-5371)\n\nInput validation vulnerabilities were discovered in rubygem-activerecord.\nA remote attacker could possibly use these flaws to perform an SQL\ninjection attack against an application using rubygem-activerecord.\n(CVE-2012-2661, CVE-2012-2695, CVE-2013-0155)\n\nInput validation vulnerabilities were discovered in rubygem-actionpack. A\nremote attacker could possibly use these flaws to perform an SQL injection\nattack against an application using rubygem-actionpack and\nrubygem-activerecord. (CVE-2012-2660, CVE-2012-2694)\n\nA flaw was found in the HTTP digest authentication implementation in\nrubygem-actionpack. A remote attacker could use this flaw to cause a\ndenial of service of an application using rubygem-actionpack and digest\nauthentication. (CVE-2012-3424)\n\nA flaw was found in the handling of strings in Ruby safe level 4. A remote\nattacker can use Exception#to_s to destructively modify an untainted string\nso that it is tainted, the string can then be arbitrarily modified.\n(CVE-2012-4466)\n\nA flaw was found in the method for translating an exception message into a\nstring in the Ruby Exception class. A remote attacker could use this flaw\nto bypass safe level 4 restrictions, allowing untrusted (tainted) code to\nmodify arbitrary, trusted (untainted) strings, which safe level 4\nrestrictions would otherwise prevent. (CVE-2012-4464)\n\nIt was found that ruby_parser from rubygem-ruby_parser created a temporary\nfile in an insecure way. A local attacker could use this flaw to perform a\nsymbolic link attack, overwriting arbitrary files accessible to the\napplication using ruby_parser. (CVE-2013-0162)\n\nThe CVE-2013-0162 issue was discovered by Michael Scherer of the Red Hat\nRegional IT team.\n\nUsers are advised to upgrade to Red Hat OpenShift Enterprise 1.1.1.\n", "cvss3": {}, "published": "2013-02-28T00:00:00", "type": "redhat", "title": "(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2660", "CVE-2012-2661", "CVE-2012-2694", "CVE-2012-2695", "CVE-2012-3424", "CVE-2012-3463", "CVE-2012-3464", "CVE-2012-3465", "CVE-2012-4464", "CVE-2012-4466", "CVE-2012-4522", "CVE-2012-5371", "CVE-2013-0155", "CVE-2013-0162", "CVE-2013-0276"], "modified": "2018-06-09T10:17:10", "id": "RHSA-2013:0582", "href": "https://access.redhat.com/errata/RHSA-2013:0582", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:19", "description": "### Background\n\nRuby on Rails is a web-application and persistence framework.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Ruby on Rails. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could execute arbitrary code or cause a Denial of Service condition. Furthermore, a remote attacker may be able to execute arbitrary SQL commands, change parameter names for form inputs and make changes to arbitrary records in the system, bypass intended access restrictions, render arbitrary views, inject arbitrary web script or HTML, or conduct cross-site request forgery (CSRF) attacks. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Ruby on Rails 2.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-ruby/rails-2.3.18\"\n \n\nNOTE: All applications using Ruby on Rails should also be configured to use the latest version available by running \u201crake rails:update\u201d inside the application directory. \n\nNOTE: This is a legacy GLSA and stable updates for Ruby on Rails, including the unaffected version listed above, are no longer available from Gentoo. It may be possible to upgrade to the 3.2, 4.0, or 4.1 branches, however these packages are not currently stable.", "cvss3": {}, "published": "2014-12-14T00:00:00", "type": "gentoo", "title": "Ruby on Rails: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3933", "CVE-2011-0446", "CVE-2011-0447", "CVE-2011-0448", "CVE-2011-0449", "CVE-2011-2929", "CVE-2011-2930", "CVE-2011-2931", "CVE-2011-2932", "CVE-2011-3186", "CVE-2013-0155", "CVE-2013-0156", "CVE-2013-0276", "CVE-2013-0277", "CVE-2013-0333", "CVE-2013-1854", "CVE-2013-1855", "CVE-2013-1856", "CVE-2013-1857"], "modified": "2014-12-14T00:00:00", "id": "GLSA-201412-28", "href": "https://security.gentoo.org/glsa/201412-28", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
