ID de Prueba:	1.3.6.1.4.1.25623.1.1.12.2025.7366.1
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu: Security Advisory (USN-7366-1)
Resumen:	The remote host is missing an update for the 'ruby-rack' package(s) announced via the USN-7366-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ruby-rack' package(s) announced via the USN-7366-1 advisory. Vulnerability Insight: Nhat Thai Do discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. (CVE-2025-25184) Pham Quang Minh discovered that Rack incorrectly handled certain headers. A remote attacker could possibly use this issue to perform log injection. (CVE-2025-27111) Pham Quang Minh discovered that Rack did not properly handle relative file paths. A remote attacker could potentially exploit this to include local files that should have been inaccessible. (CVE-2025-27610) Affected Software/OS: 'ruby-rack' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04, Ubuntu 24.10. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-25184 Common Vulnerability Exposure (CVE) ID: CVE-2025-27111 Common Vulnerability Exposure (CVE) ID: CVE-2025-27610
Copyright	Copyright (C) 2025 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.