Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.51176 |
Kategorie: | Red Hat Local Security Checks |
Titel: | RedHat Security Advisory RHSA-2004:441 |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing updates announced in advisory RHSA-2004:441. Ruby is an interpreted scripting language for object-oriented programming. Andres Salomon reported an insecure file permissions flaw in the CGI session management of Ruby. FileStore created world readable files that could allow a malicious local user the ability to read CGI session data. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0755 to this issue. Users are advised to upgrade to this erratum package, which contains a backported patch to CGI::Session FileStore. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-441.html Risk factor : Medium CVSS Score: 2.1 |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0755 Debian Security Information: DSA-537 (Google Search) http://www.debian.org/security/2004/dsa-537 http://www.gentoo.org/security/en/glsa/glsa-200409-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11128 http://secunia.com/advisories/12290/ XForce ISS Database: ruby-filestore-pstore-insecure-permission(16996) https://exchange.xforce.ibmcloud.com/vulnerabilities/16996 |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |