Test Kennung:	1.3.6.1.4.1.25623.1.0.807384
Kategorie:	Denial of Service
Titel:	Ruby on Rails Active Support Denial of Service Vulnerability - Linux
Zusammenfassung:	Ruby on Rails is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: Ruby on Rails is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to Specially crafted XML documents can cause applications to raise a SystemStackError and potentially cause a denial of service attack. Vulnerability Impact: Successful exploitation will allow a remote attacker to cause denial of service attack. Affected Software/OS: Ruby on Rails before 4.1.11 and Ruby on Rails 4.2.x before 4.2.2 on Linux. Solution: Upgrade to Ruby on Rails 4.1.11, 4.2.2 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3227 BugTraq ID: 75234 http://www.securityfocus.com/bid/75234 Debian Security Information: DSA-3464 (Google Search) http://www.debian.org/security/2016/dsa-3464 http://openwall.com/lists/oss-security/2015/06/16/16 https://groups.google.com/forum/message/raw?msg=rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J http://www.securitytracker.com/id/1033755 SuSE Security Announcement: openSUSE-SU-2015:1279 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-07/msg00050.html
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.