Test Kennung:	1.3.6.1.4.1.25623.1.0.52407
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: ruby
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: ruby CVE-2004-0755 The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0755 Debian Security Information: DSA-537 (Google Search) http://www.debian.org/security/2004/dsa-537 http://www.gentoo.org/security/en/glsa/glsa-200409-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11128 http://secunia.com/advisories/12290/ XForce ISS Database: ruby-filestore-pstore-insecure-permission(16996) https://exchange.xforce.ibmcloud.com/vulnerabilities/16996
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.