what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed


Status Candidate


CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage

Related Files

Red Hat Security Advisory 2013-0582-01
Posted Feb 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0582-01 - OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red Hat, and is designed for on-premise or private cloud deployments. Installing the updated packages and restarting the OpenShift services are the only requirements for this update. However, if you are updating your system to Red Hat Enterprise Linux 6.4 while applying OpenShift Enterprise 1.1.1 updates, it is recommended that you restart your system.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-2660, CVE-2012-2661, CVE-2012-2694, CVE-2012-2695, CVE-2012-3424, CVE-2012-3463, CVE-2012-3464, CVE-2012-3465, CVE-2012-4464, CVE-2012-4466, CVE-2012-4522, CVE-2012-5371, CVE-2013-0155, CVE-2013-0162
SHA-256 | e0e1bc67708c3a5e17e015a956f1679d743300e35ddbcad23b6ada0623037f7a
Ruby Parser 2.0.4 Insecure File Creation
Posted Feb 22, 2013
Authored by Michael Scherer

Ruby Parser version 2.0.4 insecurely creates files in /tmp that can allow for a denial of service condition.

tags | advisory, denial of service, ruby
advisories | CVE-2013-0162
SHA-256 | 094657d654b5045e05adb6d836d052776e6708bb9e26629a4ff9504e67047580
Red Hat Security Advisory 2013-0544-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0544-01 - Red Hat Subscription Asset Manager acts as a proxy for handling subscription information and software updates on client machines. It was discovered that Katello did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to download consumer certificates or change settings of other users' systems if they knew the target system's UUID. A vulnerability in rubygem-ldap_fluff allowed a remote attacker to bypass authentication and log into Subscription Asset Manager when a Microsoft Active Directory server was used as the back-end authentication server.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-5561, CVE-2012-5603, CVE-2012-5604, CVE-2012-6109, CVE-2012-6496, CVE-2013-0162, CVE-2013-0183, CVE-2013-0184
SHA-256 | 40ed8cc02a824cba926dc987492cb7cfa65beb82b844986c7ceface61e3927c2
Red Hat Security Advisory 2013-0548-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0548-01 - Red Hat CloudForms is an on-premise hybrid cloud Infrastructure-as-a-Service product that lets you create and manage private and public clouds. It provides self-service computing resources to users in a managed, governed, and secure way. Three flaws were found in rubygem-rack. A remote attacker could use these flaws to perform a denial of service attack against applications using rubygem-rack. It was found that documentation created by rubygem-rdoc was vulnerable to a cross-site scripting attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc is used for creating documentation for Ruby source files, it is not a common scenario to make such documentation accessible over the network.

tags | advisory, remote, web, denial of service, arbitrary, xss, ruby
systems | linux, redhat
advisories | CVE-2012-6109, CVE-2013-0162, CVE-2013-0183, CVE-2013-0184, CVE-2013-0256
SHA-256 | 7eeecf4bd61add69a8fdb62e0fc678b6962eaa82560b226a399c33ad350a2198
Page 1 of 1

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By