Sha256: c1f4c2d48549ed683c01e4158d7e27cf2497b3973c7f8ae383c77a2dbafd8771

Contents?: true

Size: 1.08 KB

Versions: 19

Compression:

Stored size: 1.08 KB

Contents

	module Dawn
		module Kb
			# Automatically created with rake on 2014-01-07
			class CVE_2006_6852
				include DependencyCheck

				def initialize
          message = "Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.20061127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml. NOTE: some of these details are obtained from third party information."
          super({
            :name=>"CVE-2006-6852",
            :cvss=>"AV:N/AC:M/Au:S/C:P/I:P/A:P",
            :release_date => Date.new(2006, 12, 31),
            :cwe=>"",
            :owasp=>"A9", 
            :applies=>["rails", "sinatra", "padrino"],
            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
            :message=>message,
            :mitigation=>"Please upgrade tdiary version to the latest version.",
            :aux_links=>["http://www.tdiary.org/20061210.html"]
          })

          self.safe_dependencies = [{:name=>"tdiary", :version=>['2.0.4', '2.1.5']}]

				end
			end
		end
	end

Version data entries

19 entries across 19 versions & 1 rubygems

Version Path
dawnscanner-1.6.9 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.8 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.7 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.6 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.5 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.4 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.3 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.2 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.1 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.6.0 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.5.2 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.5.1 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.5.0 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.4.2 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.4.1 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.4.0 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.3.5 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.3.1 lib/dawn/kb/cve_2006_6852.rb
dawnscanner-1.3.0 lib/dawn/kb/cve_2006_6852.rb