Sårbarhed Detalje Syn
Legend :
critical
high
medium
low
other
| id | 43091 |
|---|
| Risiko | other |
|---|
| Familie | Fedora Local Security Checks |
|---|
| Kategori | infos |
|---|
| Navn | Fedora 10 2009-12966: rubygem-actionpack |
|---|
| Sammenfatning | Check for the version of the rubygem-actionpack package |
|---|
| Beskrivelse | Synopsis :
The remote host is missing the patch for the advisory FEDORA-2009-12966 (rubygem-actionpack)
Description :
Eases web-request routing, handling, and response as a half-way front,
half-way page controller. Implemented with specific emphasis on enabling easy
unit/integration testing that doesn't require a browser.
-
Update Information:
Two security issues are found on activepack shipped on Fedora 10. One bug is
that there is a weakness in the strip_tags function in ruby on rails (bug
542786, CVE-2009-4214). Another one is a possibility to circumvent protection
against cross-site request forgery (CSRF) attacks (bug 544329). This new rpm
will fix these issues.
Solution :
Get the newest Fedora Updates
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
|
|---|
| CVE |
CVE-2008-5189,CVE-2009-3009,CVE-2009-4214 |
| Bugtraq |
NOBID |
| Copyright |
(C) 2009 Tenable Network Security, Inc. |
|
|