Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200711-17 (rails)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.59237

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200711-17 (rails)

Resumen: The remote host is missing updates announced in;advisory GLSA 200711-17.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200711-17.

Vulnerability Insight:
Several vulnerabilities were found in Ruby on Rails allowing for file
disclosure and theft of user credentials.

Solution:
All Ruby on Rails users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-ruby/rails-1.2.5'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3227
BugTraq ID: 24161
http://www.securityfocus.com/bid/24161
http://security.gentoo.org/glsa/glsa-200711-17.xml
http://osvdb.org/36378
http://secunia.com/advisories/25699
http://secunia.com/advisories/27657
http://secunia.com/advisories/27756
SuSE Security Announcement: SUSE-SR:2007:024 (Google Search)
http://www.novell.com/linux/security/advisories/2007_24_sr.html
http://www.vupen.com/english/advisories/2007/2216
Common Vulnerability Exposure (CVE) ID: CVE-2007-5379
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
BugTraq ID: 26096
http://www.securityfocus.com/bid/26096
Cert/CC Advisory: TA07-352A
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://osvdb.org/40717
http://secunia.com/advisories/28136
http://www.vupen.com/english/advisories/2007/3508
http://www.vupen.com/english/advisories/2007/4238
Common Vulnerability Exposure (CVE) ID: CVE-2007-5380
http://secunia.com/advisories/27965
SuSE Security Announcement: SUSE-SR:2007:025 (Google Search)
http://www.novell.com/linux/security/advisories/2007_25_sr.html

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.59237
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200711-17 (rails)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200711-17.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200711-17. Vulnerability Insight: Several vulnerabilities were found in Ruby on Rails allowing for file disclosure and theft of user credentials. Solution: All Ruby on Rails users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-ruby/rails-1.2.5' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3227 BugTraq ID: 24161 http://www.securityfocus.com/bid/24161 http://security.gentoo.org/glsa/glsa-200711-17.xml http://osvdb.org/36378 http://secunia.com/advisories/25699 http://secunia.com/advisories/27657 http://secunia.com/advisories/27756 SuSE Security Announcement: SUSE-SR:2007:024 (Google Search) http://www.novell.com/linux/security/advisories/2007_24_sr.html http://www.vupen.com/english/advisories/2007/2216 Common Vulnerability Exposure (CVE) ID: CVE-2007-5379 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html BugTraq ID: 26096 http://www.securityfocus.com/bid/26096 Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://osvdb.org/40717 http://secunia.com/advisories/28136 http://www.vupen.com/english/advisories/2007/3508 http://www.vupen.com/english/advisories/2007/4238 Common Vulnerability Exposure (CVE) ID: CVE-2007-5380 http://secunia.com/advisories/27965 SuSE Security Announcement: SUSE-SR:2007:025 (Google Search) http://www.novell.com/linux/security/advisories/2007_25_sr.html
Copyright	Copyright (C) 2008 E-Soft Inc.