Sha256: c89209f5a699d521ec7a222fc9375d2c44b42e09b0c8785197218d964f292a0f

Contents?: true

Size: 408 Bytes

Versions: 6

Compression:

Stored size: 408 Bytes

Contents

---
gem: gnms
osvdb: 108594
url: http://osvdb.org/show/osvdb/108594
title: gnms Gem for Ruby /lib/cmd_parse.rb ip Variable Shell Metacharacter Handling Remote Command Injection
date: 2014-06-30
description: gnms Gem for Ruby contains a flaw in /lib/cmd_parse.rb that is triggered when handling shell metacharacters passed via the 'ip' variable. This may allow a remote attacker to inject arbitrary commands.

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/gnms/OSVDB-108594.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/gnms/OSVDB-108594.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/gnms/OSVDB-108594.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/gnms/OSVDB-108594.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/gnms/OSVDB-108594.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/gnms/OSVDB-108594.yml